SPA Attack on NTRU Protected Implementation with Sparse Representation of Private Key

Tomáš Rabas, Jiří Buček, Róbert Lórencz

2023

Abstract

NTRU is a post-quantum, lattice-based public-key cryptosystem. Several proposed implementations claim to be resistant to simple power analysis (SPA). One of these implementations, described in (An et al., 2018), uses a sparse representation of the private key and a new design of the algorithm for polynomial multiplication. We show that it is still vulnerable. We theoretically explain a vulnerability in the algorithm description that could potentially lead to a single-trace attack. We practically perform the attack on two targets with different architectures: an 8-bit microcontroller of the AVR family and a 32-bit ARM Cortex-M0 microcontroller. Statistical analysis performed on the second target, measured with the ChipWhisperer platform, shows that we recover the correct key from a single measured trace with a probability of 91.0%. The ability to obtain two measurements raises the probability of a successful attack to 99.6%.


Paper Citation


in Harvard Style

Rabas T., Buček J. and Lórencz R. (2023). SPA Attack on NTRU Protected Implementation with Sparse Representation of Private Key. In Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-624-8, pages 135-143. DOI: 10.5220/0011729200003405


in Bibtex Style

@conference{icissp23,
author={Tomáš Rabas and Jiří Buček and Róbert Lórencz},
title={SPA Attack on NTRU Protected Implementation with Sparse Representation of Private Key},
booktitle={Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP},
year={2023},
pages={135-143},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011729200003405},
isbn={978-989-758-624-8},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP
TI - SPA Attack on NTRU Protected Implementation with Sparse Representation of Private Key
SN - 978-989-758-624-8
AU - Rabas T.
AU - Buček J.
AU - Lórencz R.
PY - 2023
SP - 135
EP - 143
DO - 10.5220/0011729200003405