A comprehensive side-channel leakage assessment of CRYSTALS-Kyber in IIoT

Abstract

Following the establishment of the draft standardization for Post-Quantum Cryptography (PQC), cryptographic systems across various sectors have undergone a paradigm shift. Although the theoretical strength of PQC has provided a robust foundation for securing communications against quantum threats, physical implementations of PQC algorithms remain vulnerable to Side-Channel Attacks (SCAs). Existing SCA studies predominantly focus on the attack process, lacking thorough side-channel leakage assessments and comparisons of inherent vulnerabilities at different attack points and with different countermeasures. In this paper, we first present a comprehensive assessment of side-channel leakage and resistance of four attack points within an ARM Cortex-M4 implementation of Kyber, including its masked version. This assessment employs a range of countermeasures such as noise addition, random delays, clock jitter, and their combinations. Besides, we also build deep-learning models for attacking, thereby verifying the results of the leakage assessments. By collaboratively utilizing three distinct leakage assessment approaches and deep learning-based attack results, we experimentally demonstrate that different algorithmic intermediate values of Kyber are suited to different countermeasures, which advances our understanding of the capacity and vulnerability of PQC implementations.