7 research outputs found
Decryption Failure Attacks on Post-Quantum Cryptography
This dissertation discusses mainly new cryptanalytical results related to issues of securely implementing the next generation of asymmetric cryptography, or Public-Key Cryptography (PKC). PKC, as it has been deployed until today, depends heavily on the integer factorization and the discrete logarithm problems. Unfortunately, it has been well known since the mid-90s that these mathematical problems can be solved by Peter Shor's algorithm for quantum computers, which finds the answers in polynomial time. The recently accelerated pace of R&D towards quantum computers, eventually of sufficient size and power to threaten cryptography, has led the crypto research community towards a major shift of focus. A project towards standardization of Post-Quantum Cryptography (PQC) was launched by the US-based standardization organization, NIST. PQC is the name given to algorithms designed for running on classical hardware/software whilst being resistant to attacks from quantum computers. PQC is well suited for replacing the current asymmetric schemes. A primary motivation for the project is to guide publicly available research toward the singular goal of finding weaknesses in the proposed next generation of PKC. For public key encryption (PKE) or digital signature (DS) schemes to be considered secure, they must be shown to rely heavily on well-known mathematical problems with theoretical proofs of security under established models, such as indistinguishability under chosen ciphertext attack (IND-CCA). Also, they must withstand serious attack attempts by well-renowned cryptographers, both concerning theoretical security and the actual software/hardware instantiations. It is well known that security models, such as IND-CCA, are not designed to capture the intricacies of inner-state leakages. Such leakages are named side-channels, which are currently a major topic of interest in the NIST PQC project. This dissertation focuses on two things, in general: 1) how does the low but non-zero probability of decryption failures affect the cryptanalysis of these new PQC candidates? And 2) how might side-channel vulnerabilities inadvertently be introduced when going from theory to the practice of software/hardware implementations? Of main concern are PQC algorithms based on lattice theory and coding theory. The primary contributions are the discovery of novel decryption failure side-channel attacks, improvements on existing attacks, an alternative implementation of a part of a PQC scheme, and some more theoretical cryptanalytical results.
Envisioning the Future of Cyber Security in Post-Quantum Era: A Survey on PQ Standardization, Applications, Challenges and Opportunities
The rise of quantum computers exposes vulnerabilities in current public key
cryptographic protocols, necessitating the development of secure post-quantum
(PQ) schemes. Hence, we conduct a comprehensive study on various PQ approaches,
covering the constructional design, structural vulnerabilities, and offer
security assessments, implementation evaluations, and a particular focus on
side-channel attacks. We analyze global standardization processes, evaluate
their metrics in relation to real-world applications, and primarily focus on
standardized PQ schemes, selected additional signature competition candidates,
and PQ-secure cutting-edge schemes beyond standardization. Finally, we present
visions and potential future directions for a seamless transition to the PQ
era.
Algorithmic Security is Insufficient: A Comprehensive Survey on Implementation Attacks Haunting Post-Quantum Security
This survey is on forward-looking, emerging security concerns in the post-quantum
era, i.e., implementation attacks on the 2022 winners of the NIST post-quantum
cryptography (PQC) competition; thus the visions, insights, and discussions
can be used as a step forward towards scrutinizing the new standards for
applications ranging from the Metaverse and Web 3.0 to deeply embedded systems. The
rapid advances in quantum computing have brought immense opportunities for
scientific discovery and technological progress; however, it poses a major risk
to today's security since advanced quantum computers are believed to break all
traditional public-key cryptographic algorithms. This has led to active
research on PQC algorithms that are believed to be secure against classical and
powerful quantum computers. However, algorithmic security is unfortunately
insufficient, and many cryptographic algorithms are vulnerable to side-channel
attacks (SCA), where an attacker passively or actively gets side-channel data
to compromise the security properties that are assumed to be safe
theoretically. In this survey, we explore such imminent threats and their
countermeasures with respect to PQC. We present the latest
advancements in PQC research, as well as assessments of and visions on
the different types of SCAs.
Post-Quantum and Code-Based Cryptography—Some Prospective Research Directions
Cryptography has been used from time immemorial for preserving the confidentiality of data/information in storage or transit. Thus, cryptography research has also been evolving from the classical Caesar cipher to the modern cryptosystems based on modular arithmetic, and on to the contemporary cryptosystems based on quantum computing. The emergence of quantum computing poses a major threat to the modern cryptosystems based on modular arithmetic, whereby even the computationally hard problems which constitute the strength of the modular arithmetic ciphers could be solved in polynomial time. This threat triggered post-quantum cryptography research to design and develop post-quantum algorithms that can withstand quantum computing attacks. This paper provides an overview of the various research directions that have been explored in post-quantum cryptography and, specifically, the various code-based cryptography research dimensions that have been explored. Some potential research directions that are yet to be explored in code-based cryptography research from the perspective of codes are a key contribution of this paper.
A quantum-resistant advanced metering infrastructure
This dissertation focuses on discussing and implementing a Quantum-Resistant Advanced
Metering Infrastructure (QR-AMI) that employs quantum-resistant asymmetric and symmetric
cryptographic schemes to withstand attacks from both quantum and classical computers. The
proposed solution involves the integration of Quantum-Resistant Dedicated Cryptographic
Modules (QR-DCMs) within Smart Meters (SMs). These QR-DCMs are designed to embed
quantum-resistant cryptographic schemes suitable for AMI applications. In this sense, it
investigates quantum-resistant asymmetric cryptographic schemes based on strong cryptographic
principles and a lightweight approach for AMIs. In addition, it examines the practical deployment
of quantum-resistant schemes in QR-AMIs. Two candidates from the National Institute of
Standards and Technology (NIST) post-quantum cryptography (PQC) standardization process,
FrodoKEM and CRYSTALS-Kyber, are assessed due to their adherence to strong cryptographic
principles and lightweight approach. The feasibility of embedding these schemes within QR-DCMs in an AMI context is evaluated through software implementations on low-cost hardware,
such as microcontroller and processor, and hardware/software co-design implementations using
System-on-a-Chip (SoC) devices with Field-Programmable Gate Array (FPGA) components.
Experimental results show that the execution time for FrodoKEM and CRYSTALS-Kyber schemes
on SoC FPGA devices is at least one-third faster than software implementations. Furthermore, the
achieved execution time and resource usage demonstrate the viability of these schemes for AMI
applications. The CRYSTALS-Kyber scheme appears to be a superior choice in all scenarios,
except when strong cryptographic primitives are necessitated, at least theoretically. Due to the
lack of off-the-shelf SMs supporting quantum-resistant asymmetric cryptographic schemes, a QR-DCM embedding a quantum-resistant scheme is implemented and evaluated. Regarding hardware
selection for QR-DCMs, microcontrollers are preferable in situations requiring reduced processing
power, while SoC FPGA devices are better suited for those demanding high processing power.
The resource usage and execution time outcomes demonstrate the feasibility of implementing
AMI based on QR-DCMs (i.e., QR-AMI) using microcontrollers or SoC FPGA devices.
This doctoral thesis focuses on the discussion and implementation of a Quantum-Resistant Advanced
Metering Infrastructure (QR-AMI), which employs quantum-resistant asymmetric and symmetric
cryptographic schemes to withstand attacks originating from both quantum and classical computers.
The proposed solution involves integrating a Quantum-Resistant Dedicated Cryptographic Module
(QR-DCM) with Smart Meters (SMs). The QR-DCMs are designed to embed quantum-resistant
cryptographic schemes suitable for AMI applications. In this sense, quantum-resistant asymmetric
cryptographic schemes based on strong cryptographic principles and a low-resource approach for
AMIs are investigated. In addition, the practical deployment of a quantum-resistant scheme in
QR-AMIs is analyzed. Two candidates from the National Institute of Standards and Technology
(NIST) post-quantum cryptography (PQC) standardization process, FrodoKEM and CRYSTALS-Kyber,
are evaluated because of their adherence to strong cryptographic principles and a low-resource
approach. The feasibility of embedding these schemes in QR-DCMs in an AMI context is evaluated
through software implementations on low-cost hardware, such as a microcontroller and a processor,
and joint hardware/software implementations using a System-on-a-Chip (SoC) with Field-Programmable
Gate Array (FPGA) components. Experimental results show that the execution time of the FrodoKEM
and CRYSTALS-Kyber schemes on SoC FPGA devices is at least one-third faster than software
implementations. Furthermore, the execution times achieved and the resource usage demonstrate the
viability of these schemes for AMI applications. The CRYSTALS-Kyber scheme appears to be the
superior choice in all scenarios, except when strong cryptographic primitives are required, at
least theoretically. Owing to the lack of commercially available SMs that support quantum-resistant
asymmetric cryptographic schemes, a QR-DCM embedding quantum-resistant schemes is implemented and
evaluated. Regarding the choice of hardware for the QR-DCMs, microcontrollers are preferable in
situations requiring reduced processing power, whereas SoC FPGA devices are better suited when
greater processing power is demanded. The resource usage and execution-time results demonstrate
the viability of implementing an AMI based on QR-DCMs, that is, a QR-AMI, using microcontrollers
and SoC FPGA devices.
Efficient and Side-Channel Resistant Implementations of Next-Generation Cryptography
The rapid development of emerging information technologies, such as quantum computing and the Internet of Things (IoT), will have or have already had a huge impact on the world. These technologies can not only improve industrial productivity but they could also bring more convenience to people’s daily lives. However, these techniques have “side effects” in the world of cryptography – they pose new difficulties and challenges from theory to practice. Specifically, when quantum computing capability (i.e., logical qubits) reaches a certain level, Shor’s algorithm will be able to break almost all public-key cryptosystems currently in use. On the other hand, a great number of devices deployed in IoT environments have very constrained computing and storage resources, so the current widely-used cryptographic algorithms may not run efficiently on those devices. A new generation of cryptography has thus emerged, including Post-Quantum Cryptography (PQC), which remains secure under both classical and quantum attacks, and LightWeight Cryptography (LWC), which is tailored for resource-constrained devices. Research on next-generation cryptography is of importance and utmost urgency, and the US National Institute of Standards and Technology in particular has initiated the standardization process for PQC and LWC in 2016 and in 2018 respectively.
Since next-generation cryptography is in a premature state and has developed rapidly in recent years, its theoretical security and practical deployment are not very well explored and are in significant need of evaluation. This thesis aims to look into the engineering aspects of next-generation cryptography, i.e., the problems concerning implementation efficiency (e.g., execution time and memory consumption) and security (e.g., countermeasures against timing attacks and power side-channel attacks). In more detail, we first explore efficient software implementation approaches for lattice-based PQC on constrained devices. Then, we study how to speed up isogeny-based PQC on modern high-performance processors, especially by using their powerful vector units. Moreover, we research how to design sophisticated yet low-area instruction set extensions to further accelerate software implementations of LWC and long-integer-arithmetic-based PQC. Finally, to address the threats from potential power side-channel attacks, we present a concept of using special leakage-aware instructions to eliminate overwriting leakage for masked software implementations (of next-generation cryptography).