DISTANT Training School

However, the practical implementation of PQC algorithms on software and hardware platforms presents many challenges. One of them is assuring resistance to side-channel attacks. In this talk, we will present several recent side-channel attacks on implementations of CRYSTALS-Kyber key encapsulation mechanism and CRYSTALS-Dilithium digital signature scheme using deep learning-based power analysis.

Bio: Elena Dubrova received the Diploma Engineer degree in Computer Science from Technical University of Sofia, Bulgaria, in 1993, and Ph.D. degree in Computer Science from University of Victoria, B.C., Canada, in 1998. Since 2008 she has been a professor at the School of Electrical Engineering and Computer Science at the Royal Institute of Technology, Stockholm, Sweden. She has over 100 publications and 15 granted patents. Her work has been awarded prestigious prices such as IBM faculty partnership award for outstanding contributions to IBM research and development. She is a world's top 2% scientist according to the Stanford University ranking from 2020. Her research interests include hardware security, lightweight cryptography, logic synthesis, and multiple-valued logic.

The research in this area focuses on analysing what happens when an adversary has physical access to such a device and is able to perform power or time-consumption measurements while the device is computing on sensitive data. The talks at the DISTANT training school explore this question in different settings and the goal of this introductory talk is to give an overview and a broad understanding of the mathematical structures that lie behind post-quantum cryptographic schemes.

Bio: Monika Trimoska is an assistant professor at the Coding Theory and Cryptology group at Eindhoven University of Technology (TU/e). Her primary research interest is cryptanalysis of post-quantum cryptosystems, specifically multivariate, code-based, and isogeny-based. Her goal is to ensure, first from a theoretical and then from a practical point of view, that the security of emerging cryptosystems is thoroughly investigated before their deployment in the real world. Trimoska obtained her Ph.D. in cryptography at the University of Picardie, in France, where she was subsequently a teaching and research assistant. After that, she was a postdoc at Radboud University, until she joined TU/e in 2023.

Given that AI-assisted SCA has also targeted post-quantum cryptography (PQC) schemes, it is interesting to go through lessons learned from attacks in the classic world to launch attacks more effectively in the quantum world. This is the focus of our talk.

However, the physical security of the system is still threatened by a new class of physical attacks known as active or backscattered SCAs. These attacks rely on power/signal integrity (PI/SI), electromagnetic compatibility (EMC), and failure analysis (FA) methods. In backscattered SCAs, the attacker stimulates the target device using signals in the forms of microwave radiations, near-infrared laser beams, or even electron beams and measures the reflected/scattered signals. The state of a circuit or memory contents affects the system's physical characteristics (e.g., die's impedance, absorption coefficient and refractive index of transistors' material, etc.). Thus, the scattered signal is modulated and can be exploited by the attacker to extract secret information from the chip. In this talk, we first review some of these powerful physical attacks and discuss why conventional countermeasures fail to defend the system. Afterward, we explore the feasibility of building novel schemes at the physical layer of the system for detecting such attacks using sensors and responding to them using moving target defenses.

Bio: Dr. Shahin Tajik is an Assistant Professor at the electrical and computer engineering (ECE) department of Worcester Polytechnic Institute (WPI) in Massachusetts, USA. He is also the technical lead for the tech area Secure Edge Computing at the Northeastern Microelectronics Coalition (NEMC), which is selected as an innovation hub for CHIPS ACT's Microelectronics Commons program. Dr. Tajik received his Ph.D. in Electrical Engineering in 2017 from the working group SECT, a collaboration of the Technical University of Berlin and Deutsche Telekom Innovation Laboratories in Germany. His field of research includes non-invasive and semi-invasive attacks, Physically Unclonable Functions (PUFs), FPGA Security, and designing tamper detection mechanisms. He is the recipient of NSF CAREER Award in 2024.

In this talk, I will present the implementation of side-channel attacks and some common countermeasures. First, I will outline the scenario of the attack and how one can exploit the leakages. Later, we will explore methods for preventing these attacks by securely implementing the code.

We look into further details about the implementation of this attack using measurements from an ARM Cortex-M4 microcontroller. Through some experiments, we show it is feasible to recover the full encryption key using only a few thousand traces if we use some customized clustering technique to label the traces blindly. This work highlights the vulnerability of Kyber KEM to blind side-channel attacks, emphasizing the need for enhanced security measures in its implementation on various platforms.

In this context, we will cover attacks using malicious chosen-ciphertexts, valid chosen-ciphertexts as well as emerging blind side-channel attacks on Kyber KEM. We will then discuss potential direction and future works.