Physical attacks are serious threats to cryptosystems deployed in the real
world. In this work, we propose a microarchitectural end-to-end attack
methodology on generic lattice-based post-quantum key encapsulation mechanisms
to recover the long-term secret key. Our attack targets a critical component of
a Fujisaki-Okamoto transform that is used in the construction of almost all
lattice-based key encapsulation mechanisms. We demonstrate our attack model on
practical schemes such as Kyber and Saber by using Rowhammer. We show that our
attack is highly practical and imposes little preconditions on the attacker to
succeed. As an additional contribution, we propose an improved version of the
plaintext checking oracle, which is used by almost all physical attack
strategies on lattice-based key-encapsulation mechanisms. Our improvement
reduces the number of queries to the plaintext checking oracle by as much as
39% for Saber and approximately 23% for Kyber768. This can be of
independent interest and can also be used to reduce the complexity of other
attacks