한재승, 한동국, 조홍래,

Vol. 34, No. 6, pp. 1545-1556, 12월. 2024
10.13089/JKIISC.2024.34.6.1545, Full Text:
Keywords: Side-Channel Analysis, Correlation Power Analysis, Post-Quantum Cryptogrpahy, NCC-Sign, MQ-Sign
Abstract

As the era of quantum computers approaches, the U.S. NIST has been conducting a Post-Quantum Cryptography (PQC) standardization project since 2016, and in Korea, the KpqC competition began in 2022. The KpqC competition currently has four digital signature algorithms and four PKE/KEM algorithms selected as candidates, and the Round 2 is in progress. PQC algorithms are designed to be secure against quantum computing attacks by using hard mathematical problems that remain safe even in the quantum era. However, they are still vulnerable to side-channel analysis (SCA), which exploit physical information leaked during the operation of cryptographic algorithms on devices. Therefore research on the evaluation of vulnerabilities to SCA and countermeasures is essential for a secure transition to PQC. Many SCA and countermeasures have been studied for NIST PQC candidate and selected algorithms. In contrast, research on SCA against KpqC candidates is still in its early stages, and studies on countermeasures are also lacking. This paper proposes secret key recovery SCA against two KpqC Round 2 digital signature algorithms, NCC-Sign and MQ-Sign. We performed experimental verification of the proposed attack by successfully recovering a part of secret keys using 5,000 power traces collected by working each digital signature algorithm in an ARM-Cortex M4-based STM32F3 MCU environment.

Statistics
Cite this article