<p>FrodoKEM is a lattice-based Public-Key Encryption (PKE)/Key Encapsulation Mechanism (KEM) scheme selected as a third-round candidate in the National Institute of Standards and Technology (NIST) post-quantum cryptography standardization process. It has also been recommended by the German Federal Office for Information Security and the Dutch National Communications Security Agency as a long-term confidential encryption algorithm and has been included in the ISO/IEC JTC 1/SC 27/WG 2 draft international standard for post-quantum cryptography. To address the threats of Side-Channel Attacks (SCA, including timing attacks, power analysis attacks, and fault attacks) against FrodoKEM, this paper proposes a security-enhanced implementation scheme. Specifically, during the sampling phase and ciphertext comparison, isochronous operations are adopted to eliminate timing sensitivity and mitigate the risk of timing attacks. In public key computation, masking techniques are incorporated to obscure critical data and operations, thereby resisting power analysis attacks. Additionally, a sampling calibration mechanism is implemented to detect and mitigate fault attacks. Under the same parameter sets, a performance comparison between the SCA-resistant scheme and the original FrodoKEM demonstrates that the increase in computational overhead is less than 0.8%, and the increase in memory overhead is less than 1.99%. The scheme’s strengthened resilience against SCA is further validated through Test Vector Leakage Assessment (TVLA), achieving a balance between enhanced security and minimal performance degradation.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Countermeasures against side-channel attacks in FrodoKEM: an implementation study

  • Aoyang Zhou,
  • Haiying Gao,
  • Mingdeng Wang,
  • Bin Hu

摘要

FrodoKEM is a lattice-based Public-Key Encryption (PKE)/Key Encapsulation Mechanism (KEM) scheme selected as a third-round candidate in the National Institute of Standards and Technology (NIST) post-quantum cryptography standardization process. It has also been recommended by the German Federal Office for Information Security and the Dutch National Communications Security Agency as a long-term confidential encryption algorithm and has been included in the ISO/IEC JTC 1/SC 27/WG 2 draft international standard for post-quantum cryptography. To address the threats of Side-Channel Attacks (SCA, including timing attacks, power analysis attacks, and fault attacks) against FrodoKEM, this paper proposes a security-enhanced implementation scheme. Specifically, during the sampling phase and ciphertext comparison, isochronous operations are adopted to eliminate timing sensitivity and mitigate the risk of timing attacks. In public key computation, masking techniques are incorporated to obscure critical data and operations, thereby resisting power analysis attacks. Additionally, a sampling calibration mechanism is implemented to detect and mitigate fault attacks. Under the same parameter sets, a performance comparison between the SCA-resistant scheme and the original FrodoKEM demonstrates that the increase in computational overhead is less than 0.8%, and the increase in memory overhead is less than 1.99%. The scheme’s strengthened resilience against SCA is further validated through Test Vector Leakage Assessment (TVLA), achieving a balance between enhanced security and minimal performance degradation.