A Framework for designing High-Order Side-Channel Protected Hardware Implementations of ML-KEM
Eros Camacho-Ruiz, Pablo Navarro-Torrero, Alejandro Cabrera Aldaya


Introduction

Discover HOPE-MLKEM, an open-source framework for high-order side-channel protected hardware implementations of ML-KEM (Kyber). Achieve robust post-quantum cryptography on FPGA/ASIC.


Abstract

ML-KEM (formerly Kyber) has recently been adopted as FIPS 203 in the NIST Post-Quantum Cryptography standardization process. While existing hardware implementations primarily optimize for performance, they often lack protections against side-channel attacks. We introduce HOPE-MLKEM, a framework that includes the first configurable, open, and full-hardware implementation of ML-KEM with integrated high-order protection against timing and power side-channel attacks. Our modular architecture supports all security levels and operations, incorporating optimized building blocks for polynomial arithmetic, modular multiplication, and programmable control logic. At the same time, this methodology enables the seamless integration of masking countermeasures up to high orders. We evaluated HOPE-MLKEM on FPGA and ASIC platforms, achieving competitive results compared to state-of-the-art unprotected designs while providing resistance against high-order side-channel attacks. Beyond its technical contributions, HOPE-MLKEM is released as an open-source framework to foster community-driven exploration of design choices, leakage evaluation, and hardware optimizations.


Review

This paper presents a significant contribution to the field of Post-Quantum Cryptography hardware implementations by addressing a critical security vulnerability. With ML-KEM (formerly Kyber) now standardized as FIPS 203, robust hardware realizations are essential, yet existing solutions frequently prioritize performance over essential side-channel attack (SCA) protections. The authors introduce HOPE-MLKEM, a novel framework that stands out as the first configurable, open, and full-hardware implementation of ML-KEM specifically designed with integrated high-order protection against both timing and power SCAs. This work directly tackles a pressing concern for the secure deployment of PQC algorithms in real-world applications.

The methodology behind HOPE-MLKEM is robust, featuring a modular architecture that adeptly supports all ML-KEM security levels and operations. The framework incorporates highly optimized building blocks for polynomial arithmetic, modular multiplication, and programmable control logic, which are fundamental to efficient ML-KEM execution. A core technical strength lies in its ability to seamlessly integrate masking countermeasures up to high orders, a critical feature for achieving strong side-channel resistance. The evaluation conducted on both FPGA and ASIC platforms confirms the practical viability of HOPE-MLKEM, demonstrating competitive performance compared to state-of-the-art unprotected designs, while crucially delivering robust high-order side-channel attack resistance.

Beyond its technical merits, the decision to release HOPE-MLKEM as an open-source framework is a commendable strength. This fosters community engagement, enabling broader exploration of design choices, facilitating independent leakage evaluations, and accelerating further hardware optimizations. This transparency is vital for building trust and accelerating the adoption of secure PQC hardware.

Overall, this paper offers a timely and impactful solution to a fundamental challenge in PQC hardware security, laying a strong foundation for future research and secure deployments of ML-KEM.


Full Text

Source: A Framework for designing High-Order Side-Channel Protected Hardware Implementations of ML-KEM, from IACR Transactions on Cryptographic Hardware and Embedded Systems.
