International Association for Cryptologic Research

International Association
for Cryptologic Research

Transactions on Cryptographic Hardware and Embedded Systems, Volume 2021

Fault Attacks on CCA-secure Lattice KEMs


Software accompanying the paper "Fault Attacks on CCA-secure Lattice KEMs" (PDF). Paper published in TCHES 2021, Issue 2.



Matlab and C sources used for simulations, includes attacks for Kyber (v2, all parameter sets) and NewHope512. The scripts are currently set up to execute a single attack on Kyber512 using 7500 faults and NewHope512 using 15000 faults, but can be easily configured for other scenarios.



How to run

For attacks on Kyber, run the following (same for NewHope):

Important configuration parameters

The first section of the Matlab scripts contains several configuration options. Some of the most important ones are: