
AI power analysis breaks post-quantum security algorithm
One of the key post-quantum security algorithms selected for the latest standard has been broken by Swedish researchers.
The CRYSTALS-Kyber algorithm was chosen last year by the US National Institute of Standards and Technology (NIST) as part of its standards for key encapsulation, protecting data against attack by quantum computers.
The researchers at the KTH Royal Institute of Technology in Stockholm used a combination of a new machine learning algorithm and power side-channel attacks to break the algorithm.
CRYSTALS-Kyber has been selected by NIST as a public key encryption and key encapsulation mechanism to be standardized. It is also included in the NSA’s suite of cryptographic algorithms recommended for national security systems. This makes it important to evaluate the resistance of CRYSTALS-Kyber implementations to side-channel attacks.
The Kyber algorithm is already used by Cloudflare alongside other post-quantum algorithms in CIRCL, the Cloudflare Interoperable, Reusable Cryptographic Library, and Amazon now supports hybrid modes involving Kyber in the AWS Key Management Service. IBM also uses the Kyber and Dilithium algorithms for a ‘quantum safe’ tape drive.
The algorithm has already been hardened against direct attacks, but the researchers looked at a more sophisticated side-channel attack that uses fluctuations in power consumption to break the code running on an ARM Cortex-M4 CPU.
The team – Elena Dubrova, Kalle Ngo, and Joel Gärtner – developed a new neural network training method called recursive learning that allowed them to recover a message bit with a probability above 99%.
For trace acquisition, they used a ChipWhisperer-Lite board, a CW308 UFO board, and a CW308T-STM32F4 target board with the STM32F415-RGT6 ARM Cortex-M4 CPU. The STM32F415-RGT6 is programmed with a C implementation of CRYSTALS-Kyber compiled with arm-none-eabi-gcc at optimization level -O3, the recommended default. The target board is run and sampled at 24 MHz.
The team is currently working on developing countermeasures against the side-channel attacks on the algorithm.
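A countermeasure is only worth shipping if the implementation can be shown not to leak. As an added example (not code from the KTH team or from any Kyber implementation), the script below runs the standard fixed-vs-random leakage assessment, a Welch's t-test over power samples, to check whether the current drawn while one message bit is handled depends on that bit; the traces are constructed with a simple noise model rather than captured from hardware, and the 0.5 leakage amplitude, 1.0 noise sigma and 4.5 threshold are assumptions.

```python
import math
import random

# Constructed model of one power sample taken while a decoder handles a
# single message bit. The "leaky" variant draws bit-dependent current (what a
# power side channel exploits); the "constant" variant does not.
def sample_power(bit, leaky, rng):
    baseline = 1.0
    data_dependent = 0.5 * bit if leaky else 0.0   # assumed leakage amplitude
    return baseline + data_dependent + rng.gauss(0.0, 1.0)  # assumed noise sigma

def welch_t(a, b):
    """Welch's t-statistic between two independent sample sets."""
    n_a, n_b = len(a), len(b)
    mean_a, mean_b = sum(a) / n_a, sum(b) / n_b
    var_a = sum((x - mean_a) ** 2 for x in a) / (n_a - 1)
    var_b = sum((x - mean_b) ** 2 for x in b) / (n_b - 1)
    return (mean_a - mean_b) / math.sqrt(var_a / n_a + var_b / n_b)

def fixed_vs_random_t(leaky, traces=2000, seed=1):
    """Fixed-vs-random assessment at one sample point: group A always
    processes bit 0, group B processes a uniformly random bit. If the
    implementation is data-independent, the two groups are indistinguishable."""
    rng = random.Random(seed)
    fixed = [sample_power(0, leaky, rng) for _ in range(traces)]
    rand = [sample_power(rng.getrandbits(1), leaky, rng) for _ in range(traces)]
    return welch_t(fixed, rand)

THRESHOLD = 4.5  # conventional |t| threshold for "leakage detected"

def leaks(leaky):
    return abs(fixed_vs_random_t(leaky)) > THRESHOLD

if __name__ == "__main__":
    for name, flag in (("leaky decoder", True), ("constant-activity decoder", False)):
        t = fixed_vs_random_t(flag)
        verdict = "LEAKS" if abs(t) > THRESHOLD else "no leakage detected"
        print(f"{name}: |t| = {abs(t):.1f} -> {verdict}")
```

On real hardware the same test is run at every sample point of the trace, and any point exceeding the threshold marks an operation whose power draw still depends on secret data.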
