A Side-Channel Attack on a Masked IND-CCA Secure Saber KEM Implementation
DOI: https://doi.org/10.46586/tches.v2021.i4.676-707
Keywords: Public-key cryptography, post-quantum cryptography, Saber KEM, LWE/LWR-based KEM, side-channel attack, power analysis, deep learning
Abstract
In this paper, we present a side-channel attack on a first-order masked implementation of IND-CCA secure Saber KEM. We show how to recover both the session key and the long-term secret key from 24 traces using a deep neural network created at the profiling stage. The proposed message recovery approach learns a higher-order model directly, without explicitly extracting random masks at each execution. This eliminates the need for a fully controllable profiling device which is required in previous attacks on masked implementations of LWE/LWR-based PKEs/KEMs. We also present a new secret key recovery approach based on maps from error-correcting codes that can compensate for some errors in the recovered message. In addition, we discovered a previously unknown leakage point in the primitive for masked logical shifting on arithmetic shares.
License
Copyright (c) 2021 Kalle Ngo, Elena Dubrova, Qian Guo, Thomas Johansson
This work is licensed under a Creative Commons Attribution 4.0 International License.