Chosen Ciphertext k-Trace Attacks on Masked CCA2 Secure Kyber


  • Mike Hamburg Rambus Labs, San Jose, USA
  • Julius Hermelink Universität der Bundeswehr München, Munich, Germany
  • Robert Primas Graz University of Technology, Graz, Austria
  • Simona Samardjiska Radboud University, Nijmegen, The Netherlands
  • Thomas Schamberger Technical University of Munich (TUM), Munich, Germany
  • Silvan Streit Fraunhofer Institute AISEC, Garching near Munich, Germany
  • Emanuele Strieder Fraunhofer Institute AISEC, Garching near Munich, Germany
  • Christine van Vredendaal NXP Semiconductors, Eindhoven, The Netherlands



Kyber, NTT, belief propagation, side-channel attack, CCA, BKZ


Single-trace attacks are a considerable threat to implementations of classic public-key schemes, and their implications on newer lattice-based schemes are still not well understood. Two recent works have presented successful single-trace attacks targeting the Number Theoretic Transform (NTT), which is at the heart of many lattice-based schemes. However, these attacks either require a quite powerful side-channel adversary or are restricted to specific scenarios such as the encryption of ephemeral secrets. It is still an open question if such attacks can be performed by simpler adversaries while targeting more common public-key scenarios. In this paper, we answer this question positively. First, we present a method for crafting ring/module-LWE ciphertexts that result in sparse polynomials at the input of inverse NTT computations, independent of the used private key. We then demonstrate how this sparseness can be incorporated into a side-channel attack, thereby significantly improving noise resistance of the attack compared to previous works. The effectiveness of our attack is shown on the use-case of CCA2 secure Kyber k-module-LWE, where k ∈ {2, 3, 4}. Our k-trace attack on the long-term secret can handle noise up to a σ ≤ 1.2 in the noisy Hamming weight leakage model, also for masked implementations. A 2k-trace variant for Kyber1024 even allows noise σ ≤ 2.2 also in the masked case, with more traces allowing us to recover keys up to σ ≤ 2.7. Single-trace attack variants have a noise tolerance depending on the Kyber parameter set, ranging from σ ≤ 0.5 to σ ≤ 0.7. As a comparison, similar previous attacks in the masked setting were only successful with σ ≤ 0.5.




How to Cite

Hamburg, M., Hermelink, J., Primas, R., Samardjiska, S., Schamberger, T., Streit, S., Strieder, E., & van Vredendaal, C. (2021). Chosen Ciphertext k-Trace Attacks on Masked CCA2 Secure Kyber. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2021(4), 88–113.