With the rapid development of quantum computing technology, the practical deployment of post-quantum cryptographic algorithms faces severe hardware security challenges. As a selected algorithm in the NIST post-quantum cryptography standardization project, the code-based Hamming Quasi-Cyclic (HQC) key encapsulation mechanism has been mathematically proven to possess quantum-resistance. However, its physical implementation could be vulnerable to side-channel attacks. This paper first reveals the side-channel vulnerability of the critical operation \(v-uy\) in the HQC decapsulation process. By precisely constructing ciphertexts and exploiting the Hamming weight leakage of the \(vect\_add\) operation’s computational results, efficient recovery of the HQC-128 secret key is achieved. Experimental results show that with the highest optimization level of the compiler (-O3), the full key extraction can be completed with only 3,500 power traces. This finding not only provides positive analysis for the side-channel security of HQC but also offers a crucial warning for the physical layer security design of post-quantum cryptographic algorithms. The research findings highlight the necessity of ’Algorithm-Implementation-Physics’ collaborative security assessment in the post-quantum cryptography standardization process.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Bit-By-Bit Total Collapse: A Novel Side-Channel Attack on HQC-128 Decapsulation

  • Yang Yi,
  • Zhu Wang,
  • Jianfeng Du,
  • Aimin Yu

摘要

With the rapid development of quantum computing technology, the practical deployment of post-quantum cryptographic algorithms faces severe hardware security challenges. As a selected algorithm in the NIST post-quantum cryptography standardization project, the code-based Hamming Quasi-Cyclic (HQC) key encapsulation mechanism has been mathematically proven to possess quantum-resistance. However, its physical implementation could be vulnerable to side-channel attacks. This paper first reveals the side-channel vulnerability of the critical operation \(v-uy\) in the HQC decapsulation process. By precisely constructing ciphertexts and exploiting the Hamming weight leakage of the \(vect\_add\) operation’s computational results, efficient recovery of the HQC-128 secret key is achieved. Experimental results show that with the highest optimization level of the compiler (-O3), the full key extraction can be completed with only 3,500 power traces. This finding not only provides positive analysis for the side-channel security of HQC but also offers a crucial warning for the physical layer security design of post-quantum cryptographic algorithms. The research findings highlight the necessity of ’Algorithm-Implementation-Physics’ collaborative security assessment in the post-quantum cryptography standardization process.