[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

What a lovely hat

Is it made out of tin foil?

Paper 2023/1796

Fault Attacks Sensitivity of Public Parameters in the Dilithium Verification

Andersson Calle Viera, Thales (France), Laboratoire de Recherche en Informatique de Paris 6
Alexandre Berzati, Thales (France)
Karine Heydemann, Thales (France), Laboratoire de Recherche en Informatique de Paris 6
Abstract

This paper presents a comprehensive analysis of the verification algorithm of the CRYSTALS-Dilithium, focusing on a C reference implementation. Limited research has been conducted on its susceptibility to fault attacks, despite its critical role in ensuring the scheme’s security. To fill this gap, we investigate three distinct fault models - randomizing faults, zeroizing faults, and skipping faults - to identify vulnerabilities within the verification process. Based on our analysis, we propose a methodology for forging CRYSTALS-Dilithium signatures without knowledge of the secret key. Instead, we leverage specific types of faults during the verification phase and some properties about public parameters to make these signatures accepted. Additionally, we compared different attack scenarios after identifying sensitive operations within the verification algorithm. The most effective requires potentially fewer fault injections than targeting the verification check itself. Finally, we introduce a set of countermeasures designed to thwart all the identified scenarios rendering the verification algorithm intrinsically resistant to the presented attacks.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Published elsewhere. CARDIS2023
Keywords
DilithiumFault AttacksSide-channel attacksLattice-based cryptographyPost-quantum cryptography
Contact author(s)
andersson calle-viera @ thalesgroup com
alexandre berzati @ thalesgroup com
karine heydemann @ thalesgroup com
History
2023-11-24: approved
2023-11-21: received
See all versions
Short URL
https://ia.cr/2023/1796
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/1796,
      author = {Andersson Calle Viera and Alexandre Berzati and Karine Heydemann},
      title = {Fault Attacks Sensitivity of Public Parameters in the Dilithium Verification},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1796},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1796}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.