Development of Tamper-resistant Post-Quantum Cryptographic Hardware

• Project/Area Number: 19K24336
• Research Category: Grant-in-Aid for Research Activity Start-up
• Allocation Type: Multi-year Fund
• Review Section: 1001:Information science, computer engineering, and related fields
• Research Institution: Tohoku University
• Principal Investigator: YLIMAEYRY VILLE 東北大学, 電気通信研究所, 助教(研究特任) (80846519)
• Project Period (FY): 2019-08-30 – 2021-03-31
• Project Status: Discontinued (Fiscal Year 2020)
• Budget Amount: ¥2,860,000 (Direct Cost: ¥2,200,000、Indirect Cost: ¥660,000); Fiscal Year 2020: ¥1,430,000 (Direct Cost: ¥1,100,000、Indirect Cost: ¥330,000); Fiscal Year 2019: ¥1,430,000 (Direct Cost: ¥1,100,000、Indirect Cost: ¥330,000)
• Keywords: サイドチャネル解析 / ハードウェア実装 / post-quantum / cryptography / hardware implementation / side-channel analysis / hardware / side-channel attacks

Outline of Research at the Start

We study efficient and secure hardware implementation of Post-Quantum Cryptography algorithms. Further, we evaluate the security of the implemented hardware accelerators. This evaluation is done to ensure that the implemented algorithms are secure against so called side-channel attacks, that exploit the physical properties of the device the algorithm is implemented on.

Outline of Annual Research Achievements

During this fiscal year, we carried out research into the SABER post-quantum cryptographic (PQC) key exchange algorithm in the the following 2 areas.
1. Hardware implementation
We implemented hashing functions SHA-256 and SHAKE-128 in multiple models, including the resource effective fully pipelined implementation, and the partially unrolled, low latency implementation. We designed the scheduling of simultaneous execution of computation modules which allows the hardware implementation of the key exchange to parallelize several steps of the algorithm.
2. Side-channel security evaluation
We considered (A) traditional side-channel attacks on multiplication modules of PQC algorithms using electro-magnetic radiation emanating from the attacked device (B) a new side-channel attack we proposed which can exploit path activation biases in unrolled block ciphers and hashing functions, such as SHA-256 used in SABER (C) fault injection attacks on PQC, which intentionally produce erroneous computation in the attacked device processing the PQC key exchange. We believe the research of (A) is widely examined in other works, so we did not pursue it in detail. However, using (B), we demonstrated a new type of side-channel leakage that might be exploited to reveal secret inputs of the hashing algorithms. Further, using (C), we found that an attacker may reveal secret information about the key exchange by injecting faults into the clock signal used in the device to skip some computation.

Research Products

• [Journal Article] Diffusional Side-Channel Leakage From Unrolled Lightweight Block Ciphers: A Case Study of Power Analysis on PRINCE (2021)
  • Author(s): Ville Yli-Mayry, Rei Ueno, Noriyuki Miura, Makoto Nagata, Shivam Bhasin, Yves Mathieu, Tarik Graba,Jean-Luc Danger, Naofumi Homma
  • Journal Title: IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY Volume: 16 Pages: 1351-1363
  • DOI: 10.1109/tifs.2020.3033441
  • Peer Reviewed / Open Access / Int'l Joint Research