WrapQ: Side-Channel Secure Key Management for Post-quantum Cryptography

Research output: Conference article, Scientific, peer-reviewed

Abstract

Transition to PQC brings complex challenges to builders of secure cryptographic hardware. PQC keys usually need to be stored off-module and protected via symmetric encryption and message authentication codes. Only a short, symmetric Key-Encrypting Key (KEK) can be managed on-chip with trusted non-volatile key storage. For secure use, PQC key material is handled in masked format, as randomized shares. Due to the masked encoding of the key material, algorithm-specific techniques are needed to protect the side-channel security of the PQC key import and export processes. In this work, we study key handling techniques used in real-life secure Kyber and Dilithium hardware. We describe WrapQ, a masking-friendly key-wrapping mechanism designed for lattice cryptography. On a high level, WrapQ protects the integrity and confidentiality of key material and allows keys to be stored outside the main security boundary of the module. Significantly, its wrapping and unwrapping processes minimize side-channel leakage from the KEK integrity/authentication keys as well as from the masked Kyber or Dilithium key material payload. We demonstrate that masked Kyber or Dilithium private keys can be managed in a leakage-free fashion from a compact WrapQ format without updating its encoding in non-volatile (or read-only) memory. WrapQ has been implemented in a side-channel secure hardware module. Kyber and Dilithium wrapping and unwrapping functions were validated with 100K traces of ISO 17825/TVLA-type leakage assessment.

Original language: English
Title: Post-Quantum Cryptography - 14th International Workshop, PQCrypto 2023, Proceedings
Editors: Thomas Johansson, Daniel Smith-Tone
Publisher: Springer
Pages: 637-657
Number of pages: 21
ISBN (print): 978-3-031-40002-5
DOI - permanent links
Status: Published - 2023
Ministry of Education and Culture publication type: A4 Article in conference proceedings
Event: International Conference on Post-Quantum Cryptography - College Park, United States
Duration: 16 Aug 2023 to 18 Aug 2023

Publication series

Name: Lecture Notes in Computer Science
Volume: 14154 LNCS
ISSN (print): 0302-9743
ISSN (electronic): 1611-3349

Conference

Conference: International Conference on Post-Quantum Cryptography
Country/Territory: United States
City: College Park
Period: 16/08/23 to 18/08/23

Funding

Acknowledgments. We thank the reviewers for their constructive comments. Furthermore, we thank Pascal Sasdrich for the fruitful discussions. This work was supported by the German Research Foundation under Germany’s Excellence Strategy - EXC 2092 CASA - 390781972, through the H2020 project PROMETHEUS (grant agreement ID 780701), CONVOLVE (grant agreement ID 101070374), and by the Federal Ministry of Education and Research of Germany through the Quantum-RISC (16KIS1038), PQC4Med (16KIS1044), and 6GEM (16KISK038) projects.

Acknowledgements. The work described in this paper has been supported by the Einstein Research Unit “Perspectives of a quantum digital transformation: Near-term quantum computational devices and quantum processors” of the Berlin University Alliance. The authors acknowledge the financial support by the Federal Ministry of Education and Research of Germany in the programme of “Souverän. Digital. Vernetzt.” Joint project 6G-RIC, project identification number: 16KISK030. We would like to thank Ryan Sweke and Xavier Bonnetain for their valuable input which greatly improved the paper. We would like to thank Shinjo Park for his valuable input on cellular network protocols.

Acknowledgments. We thank the European Union’s Horizon research and innovation program for support under grant agreement numbers: 101069688 (CONNECT), 101070627 (REWIRE), 779391 (FutureTPM), 952697 (ASSURED), 101019645 (SECANT) and 101095634 (ENTRUST). These projects are funded by the UK government’s Horizon Europe guarantee and administered by UKRI. We also thank the National Natural Science Foundation of China for support under grant agreement numbers: 62072132 and 62261160651. We would like to thank Qingju Wang and Scott Fluhrer for helpful discussions. We also thank the anonymous reviewers from PQCrypto for their valuable comments.

Acknowledgment. We would like to thank the anonymous reviewers of this paper. We would also like to thank Jonathan Sönnerup, whose excessive solution of an information theory course’s project inspired some of the techniques of this paper. QG was funded by the Swedish Research Council (grant numbers 2019-04166 and 2021-04602), the Swedish Civil Contingencies Agency (grant number 2020-11632), the Swedish Foundation for Strategic Research (Grant No. RIT17-0005) and the Wallenberg AI, Autonomous Systems and Software Program (WASP) funded by the Knut and Alice Wallenberg Foundation. EM was funded by the project “Kvantesikker Kryptografi” from the National Security Authority of Norway.

Acknowledgments. This work has been partially supported by the French Agence Nationale de la Recherche through the France 2030 program under grant agreement No. ANR-22-PETQ-0008 PQ-TLS.

Acknowledgements. This work was partly funded by the German Federal Ministry of Education and Research (BMBF) in the project APRIORI under grant number 16KIS1390.

Acknowledgement. The authors thank Jelle Don, Eamonn W. Postlethwaite and Ludo N. Pulles for their useful discussions. Yu-Hsuan Huang is supported by the Dutch Research Agenda (NWA) project HAPKIDO (Project No. NWA.1215.18.002), which is financed by the Dutch Research Council (NWO).

Acknowledgments. This work has been partially supported by the National Science Foundation under Grant No.: CNS-1801512 and by the US Department of Commerce (NIST) under Grant No.: 70NANB18H218.

Acknowledgements. The authors want to thank Christian Rechberger and Felix Wissel for insightful discussions, and Florian Kutschera for helping with the setup of the QKD devices. This work received funding from the Austrian Research Promotion Agency (FFG) under grant agreement number FO999886370 (“QKD4GOV”), from the European Defence Industrial Development Programme (EDIDP) under grant agreement number SI2858093 (“DISCRETION”), and from the Digital Europe Program under grant agreement number 101091642 (“QCI-CAT”).

Acknowledgement. This work was supported by JST CREST Grant Number JPMJCR2113, Japan, and JSPS KAKENHI Grant Number JP22KJ0554, Japan.

Acknowledgment. This research has been supported in part by the Swedish Armed Forces and was conducted at KTH Center for Cyber Defense and Information Security (CDIS). The author would like to thank Johan Håstad and Martin Ekerå for their helpful feedback and comments.

Acknowledgements. This research was in part conducted under a contract of “Research and development on new generation cryptography for secure wireless communication services” among “Research and Development for Expansion of Radio Wave Resources (JPJ000254)”, which was supported by the Ministry of Internal Affairs and Communications, Japan. This work was in part supported by JSPS KAKENHI Grant Number JP22H03590. The authors would like to thank the anonymous reviewers for their helpful comments.

The authors are funded by the French Agence Nationale de la Recherche through the France 2023 ANR project ANR-22-PETQ-0008 PQ-TLS and the ANR-21-CE39-0009-BARRACUDA.

Acknowledgments. We gratefully acknowledge helpful discussion with Roland van Rijswijk-Deij, Andrew Fregly and Burt Kaliski, Sofía Celi, and Michael Baentsch. D.S. was supported by Natural Sciences and Engineering Research Council of Canada (NSERC) Discovery grants RGPIN-2016-05146 and RGPIN-2022-0318, and a donation from VeriSign, Inc.

Funders and funder numbers

ANR-21-CE39-0009-BARRACUDA
APRIORI: 16KIS1390
Digital Europe Program: 101091642
Dutch Research Agenda
European Union’s Horizon Europe research and innovation program: 952697, 101019645, 101069688, 101095634, 101070627, 779391
Horizon Europe guarantee
National Security Authority of Norway
Research and Development for Expansion of Radio Wave Resources: JPJ000254
National Science Foundation: CNS-1801512
National Institute of Standards and Technology: 70NANB18H218
U.S. Department of Commerce
Horizon 2020 Framework Programme: ID 101070374, ID 780701
UK Research and Innovation
National Weather Association
The Natural Sciences and Engineering Research Council of Canada: RGPIN-2016-05146, RGPIN-2022-0318
DFG Deutsche Forschungsgemeinschaft: EXC 2092 CASA - 390781972
Agence Nationale de la Recherche (ANR, France): ANR-22-PETQ-0008 PQ-TLS
The Japan Society for the Promotion of Science (JSPS): JP22KJ0554, JP22H03590
Stiftelsen för Strategisk Forskning: RIT17-0005
National Natural Science Foundation of China: 62261160651, 62072132
Bundesministerium für Bildung und Forschung: 16KIS1038, 16KISK038, 16KIS1044
Nederlandse Organisatie voor Wetenschappelijk Onderzoek (The Netherlands Organisation for Scientific Research NWO)
Core Research for Evolutional Science and Technology: JPMJCR2113
Knut och Alice Wallenbergs Stiftelse
Vetenskapsrådet: 2019-04166, 2021-04602
Österreichische Forschungsförderungsgesellschaft: FO999886370
Myndigheten för Samhällsskydd och Beredskap: 2020-11632
Ministry of Internal Affairs and Communications
Försvarsmakten
European Defence Industrial Development Programme: SI2858093
Berlin University Alliance

Publication Forum (Jufo) level

• Jufo level 1

ASJC Scopus subject areas

• Theoretical Computer Science
• General Computer Science
