Analysis of Dilithium post-quantum electronic signature resistance to fault attacks

Authors

  • Ю.І. Горбенко
  • О.С. Дроздова

DOI:

https://doi.org/10.30837/rt.2020.3.202.04

Keywords:

electronic signature, post-quantum cryptography, security, differential fault attack, countermeasures.

Abstract

Analysis of a perspective variant of post-quantum electronic signature based on algebraic lattices of Dilithium is carried out. The central task of the analysis is to study the resistance of Dilithium to fault attacks, in particular differential ones. First, information is given about the ES scheme itself and its security, fault attacks, their development to differential fault attacks. Possibilities of carrying out these attacks and criteria of their successful execution are considered. The places of the ES algorithm that need protection against fault attacks were identified, such as hash function (the moment of access to it and operation of polynomials multiplying), the stage of loading the private key, the function of expanding seed. Also, nonce reuse and partial nonce reuse when generating keys poses a significant threat, and by carrying out such an attack, the attacker can fully recover the long-term Dilithium private key. Attacks countermeasures are formed based on the sources analysis, their advantages and negative effects are presented. Methods of protection against such attacks are: re-calculation of the signature; verification of signature after signing, which is three times faster than the previous method; introducing additional randomness to the deterministic noise sampling; checking the value of secret and false components (nonce); calculating the average value and variance of the sample, and checking them for belonging to a given range. The results of this work provide researchers with a guide for the development of secure post-quantum electronic signature schemes.

References

CRYSTALS-Dilithium. Algorithm Specifications and Supporting Documentation. Access mode https://pq-crystals.org/dilithium/data/dilithium-specification-round2.pdf

Відео-конференція NIST. Режим доступу: https://icmconference.org/?page_id=14324

Dan Boneh, Richard A. DeMillo, and Richard J. Lipton. On the Importance of CheckingCryptographic Protocols for Faults (Extended Abstract). InEUROCRYPT, Lecture Notesin Computer Science, pages 37–51. Springer, 1997.

Eli Biham and Adi Shamir. Differential Fault Analysis of Secret Key Cryptosystems. InCRYPTO, Lecture Notes in Computer Science, pages 513–525. Springer, 1997.

H. Bar-El, H. Choukri, D. Naccache, M. Tunstall, and C. Whelan. The sorcerer’s apprentice guide to fault attacks // Proceedings of the IEEE, vol. 94, no. 2, pp. 370–382, 2006.

Y. Kim, R. Daly, J. Kim, C. Fallin, J. H. Lee, D. Lee, C. Wilkerson, K. Lai, and O. Mutlu. Flipping bits in memorywithout accessing them: An experimental study of dram disturbance errors // SIGARCH Comput. Archit. News, vol. 42,no. 3, pp. 361–372, Jun. 2014. Access mode: http://doi.acm.org/10.1145/2678373.2665726

Leon Groot Bruinderink and Peter Pessl. Differential Fault Attacks on Deterministic Lattice Signatures // Access mode: https://eprint.iacr.org/2018/355.pdf

Vadim Lyubashevsky, Chris Peikert and Oded Regev. A Toolkit for Ring-LWE Cryptography. // EUROCRYPT, volume 7881 ofLecture Notes inComputer Science, pages 35–54. Springer, 2013.

Prasanna Ravi1, Debapriya Basu Roy, Shivam Bhasin, Anupam Chattopadhyay, and Debdeep Mukhopadhyay. Number "Not Used" Once – Practical fault attack on pqm4 implementations of NIST candidates. Access mode: https://eprint.iacr.org/2018/211.pdf

Christopher Ambrose, Joppe W. Bos, Björn Fay, Marc Joye, Manfred Lochter, and Bruce Murray. Differential Attacks on Deterministic Signatures // CT-RSA, volume 10808 of LNCS, pages 339–353. Springer, 2018.

Vadim Lyubashevsky, Léo Ducas, Eike Kiltz, Tancrède Lepoint, Peter Schwabe, Gregor Seiler and Damien Stehlé // CRYSTALS-Dilithium. Submission to the NIST Post-Quantum Cryptography Standardization [NIS], 2017. Access mode: https://pq-crystals.org/dilithium.

Hermann Seuschek, Johann Heyszl, and Fabrizio De Santis. A Cautionary Note: Side-Channel Leakage Implications of Deterministic Signature Schemes // CS2@HiPEAC, pages 7–12. ACM, 2016.

Niels Samwel, Lejla Batina, Guido Bertoni, Joan Daemen, and Ruggero Susella. Breaking Ed25519 in WolfSSL // CT-RSA, volume 10808 of Lecture Notes in Computer Science, pages 1–20. Springer, 2018.

James Howe, Ayesha Khalidy, Marco Martinoli, Francesco Regazzoniz and Elisabeth Oswald. Fault Attack Countermeasures for Error Samplers // Lattice-Based Cryptography. Access mode: https://eprint.iacr.org/2019/206.pdf

How to Cite

Горбенко, Ю., & Дроздова, О. (2020). Analysis of Dilithium post-quantum electronic signature resistance to fault attacks. Radiotekhnika, 3(202), 49–56. https://doi.org/10.30837/rt.2020.3.202.04

Issue

Section

Articles