Publication:
Single-Trace Side-Channel Attacks on Ω-Small Polynomial Sampling

dc.authorscopusid: 57217587007
dc.authorscopusid: 43261000900
dc.authorscopusid: 36561199600
dc.authorwosid: Alkim, Erdem/Jzu-0054-2024
dc.contributor.author: Karabulut, Emre
dc.contributor.author: Alkim, Erdem
dc.contributor.author: Aysu, Aydin
dc.contributor.authorID: Alkim, Erdem/0000-0003-4638-2422
dc.contributor.authorID: Karabulut, Emre/0000-0003-1606-4108
dc.contributor.authorID: Aysu, Aydin/0000-0002-5530-8710
dc.date.accessioned: 2025-12-11T01:25:10Z
dc.date.issued: 2021
dc.department: Ondokuz Mayıs Üniversitesi
dc.department-temp: [Karabulut, Emre; Aysu, Aydin] North Carolina State Univ, Dept Elect & Comp Engn, Raleigh, NC 27695 USA; [Alkim, Erdem] Ondokuz Mayis Univ, Dept Comp Engn, Samsun, Turkey
dc.description: Alkim, Erdem/0000-0003-4638-2422; Karabulut, Emre/0000-0003-1606-4108; Aysu, Aydin/0000-0002-5530-8710
dc.description.abstract: This paper proposes a new single-trace side-channel attack on lattice-based post-quantum protocols. We target the Ω-small polynomial sampling of NTRU, NTRU Prime, and CRYSTALS-DILITHIUM algorithm implementations (which are NIST Round-3 finalist and alternative candidates), and we demonstrate the vulnerabilities of their sub-routines to a power-based side-channel attack. Specifically, we reveal that the sorting implementation in NTRU/NTRU Prime and the shuffling in CRYSTALS-DILITHIUM's Ω-small polynomial sampling process leaks information about the '-1', '0', or '+1' assignments made to the coefficients. We further demonstrate that these assignments can be found within a single power measurement and that revealing them allows secret and session key recovery for NTRU/NTRU Prime, while reducing the challenge polynomial's entropy for CRYSTALS-DILITHIUM. We execute our proposed attacks on an ARM Cortex-M4 microcontroller running the reference software submissions from NIST Round-3 software packages. The results show that our attacks can extract coefficients with a success rate of 99.78% for NTRU and NTRU Prime, reducing the search space to 2^41 or below. For CRYSTALS-DILITHIUM, our attack recovers the coefficients' signs with over 99.99% success, reducing rejected challenge polynomials' entropy by between 39 and 60 bits. Our work informs the proposers about the single-trace vulnerabilities of their software and urges them to develop single-trace resilient software for low-cost microcontrollers.
dc.description.sponsorship: National Science Foundation [1850373]; Direct For Computer & Info Scie & Enginr; Division Of Computer and Network Systems [1850373] Funding Source: National Science Foundation
dc.description.sponsorship: This research is supported in part by the National Science Foundation under Grant No. 1850373. NCSU is an academic partner of Riscure Inc., and we thank them for providing hardware/software support for side-channel analysis.
dc.description.woscitationindex: Conference Proceedings Citation Index - Science
dc.identifier.doi: 10.1109/HOST49136.2021.9702284
dc.identifier.endpage: 45
dc.identifier.isbn: 9781665413572
dc.identifier.scopus: 2-s2.0-85126828826
dc.identifier.startpage: 35
dc.identifier.uri: https://doi.org/10.1109/HOST49136.2021.9702284
dc.identifier.uri: https://hdl.handle.net/20.500.12712/43587
dc.identifier.wos: WOS:000802236600004
dc.language.iso: en
dc.publisher: IEEE
dc.relation.ispartof: IEEE International Symposium on Hardware-Oriented Security and Trust (IEEE HOST) -- Dec 13-14, 2021 -- Electr Network
dc.relation.publicationcategory: Conference Item - International - Institutional Faculty Member
dc.rights: info:eu-repo/semantics/closedAccess
dc.subject: Side-Channel Attacks
dc.subject: Post-Quantum Cryptography
dc.subject: NTRU
dc.subject: CRYSTALS-Dilithium
dc.title: Single-Trace Side-Channel Attacks on Ω-Small Polynomial Sampling
dc.type: Conference Object
dspace.entity.type: Publication