Transactions on Cryptographic Hardware and Embedded Systems, Volume 2024
Correction Fault Attacks on Randomized CRYSTALS-Dilithium
Elisabeth Krahmer
Ruhr-University Bochum, Bochum, Germany; Infineon Technologies AG, Munich, Germany
Peter Pessl
Infineon Technologies AG, Munich, Germany
Georg Land
Ruhr University Bochum, Bochum, Germany
Tim Güneysu
Ruhr University Bochum, Bochum, Germany; DFKI, Bremen, Germany
Keywords: Fault Injection Attack, Dilithium, Post-Quantum Cryptography
Abstract
After NIST’s selection of Dilithium as the primary future standard for quantum-secure digital signatures, increased efforts to understand its implementation security properties are required to enable widespread adoption on embedded devices. Concretely, there are still many open questions regarding the susceptibility of Dilithium to fault attacks. This is especially the case for Dilithium’s randomized (or hedged) signing mode, which, likely due to devastating implementation attacks on the deterministic mode, was selected as the default by NIST. This work takes steps towards closing this gap by presenting two new key-recovery fault attacks on randomized/hedged Dilithium. Both attacks are based on the idea< of correcting faulty signatures after signing. A successful correction yields the value of a secret intermediate that carries information on the key. After gathering many faulty signatures and corresponding correction values, it is possible to solve for the signing key via either simple linear algebra or lattice-reduction techniques. Our first attack extends a previously published attack based on an instruction-skipping fault to the randomized setting. Our second attack injects faults in the matrix A, which is part of the public key. As such, it is not sensitive to side-channel leakage and has, potentially for this reason, not seen prior analysis regarding faults. We show that for Dilithium2, the attacks allow key recovery with as little as 1024 and 512 faulty signatures, with each signature generated by injecting a single targeted fault. We also demonstrate how our attacks can be adapted to circumvent several popular fault countermeasures with a moderate increase in the computational runtime and the number of required faulty signatures. These results are verified using both simulated faults and clock glitches on an ARM-based standard microcontroller. The presented attacks demonstrate that also randomized Dilithium can be subject to diverse fault attacks, that certain countermeasures might be easily bypassed, and that potential fault targets reach beyond side-channel sensitive operations. Still, many further operations are likely also susceptible, implying the need for increased analysis efforts in the future.
Publication
Transactions of Cryptographic Hardware and Embedded Systems, Volume 2024, Issue 3
PaperArtifact
Artifact number
tches/2024/a19
Artifact published
August 15, 2024
Badge
✅ IACR CHES Artifacts Functional
Some files in this archive are licensed under a different license. See the contents of this archive for more information.
BibTeX How to cite
Elisabeth Krahmer, Peter Pessl, Georg Land, Tim Güneysu. Correction Fault Attacks on Randomized CRYSTALS-Dilithium. (2024). IACR Transactions on Cryptographic Hardware and Embedded Systems, 2024(3), 174-199. https://doi.org/10.46586/tches.v2024.i3.174-199 Artifact available at https://artifacts.iacr.org/tches/2024/a19