Machine-Learning Side-Channel Attacks on the GALACTICS Constant-Time Implementation of BLISS

by Soundes Marzougui, et al.

Due to the advancing development of quantum computers, practical attacks on conventional public-key cryptography may become feasible in the next few decades. To address this risk, post-quantum schemes that are secure against quantum attacks are being developed. Lattice-based algorithms are promising replacements for conventional schemes, with BLISS being one of the earliest post-quantum signature schemes in this family. However, required subroutines such as Gaussian sampling have been demonstrated to be a risk for the security of BLISS, since implementing Gaussian sampling both efficiently and securely with respect to physical attacks is highly challenging. This paper presents three related power side-channel attacks on GALACTICS, the latest constant-time implementation of BLISS. All attacks are based on leakages we identified in the Gaussian sampling and signing algorithms of GALACTICS. To run the attack, a profiling phase on a device identical to the device under attack is required to train machine learning classifiers. In the attack phase, the leakages of GALACTICS enable the trained classifiers to predict sensitive internal information with high accuracy, paving the way for three different key recovery attacks. We demonstrate the leakages by running GALACTICS on a Cortex-M4 and provide proof-of-concept data and implementations for all our attacks.

