NTT-PEEL: Bit Shift Side-Channel in FALCON’s Number Theoretic Transform

Jinyi Qiu, Aydin Aysu

IACR Transactions on Cryptographic Hardware and Embedded Systems

0.0 (0 ratings)

Introduction

Ntt-peel: bit shift side-channel in falcon’s number theoretic transform. NTT-PEEL: A new single-trace side-channel attack on FALCON's NTT, exploiting bit shift vulnerabilities on ARM Cortex-M4. Exposes critical security flaws.

1 views

Abstract

This work introduces a new single-trace side-channel attack against FALCON, a lattice-based post-quantum digital signature scheme recently selected for standardization by NIST. The proposed attacks exploit a new vulnerability in the in-place modular reduction within the number theoretic transform (NTT). The vulnerable component executes both in the key generation and signature generation schemes of FALCON. Our key innovation is a custom attack method, which consists of forward and backward pass algorithms that combine partial leakages by exploiting the inherent structural dependencies. Overall, the method serves as an efficient mechanism for peeling key-dependent information from the NTT. We demonstrate the attack on an ARM Cortex-M4 microcontroller, evaluating both the reference and optimized implementations from FALCON’s NIST round 3 software package. We quantified that our attack reduces the search space to 224 with the assistance of lattice reduction algorithms. These findings expose the susceptibility of current software deployments to single-trace exploitation and emphasize the pressing need for embedded implementations hardened against such attacks.

Full Text

You need to be logged in to view the full text and Download file of this article - NTT-PEEL: Bit Shift Side-Channel in FALCON’s Number Theoretic Transform from IACR Transactions on Cryptographic Hardware and Embedded Systems .