Authors:Kazuhide Fukushima¹;Hiroki Okada¹;Sofiane Takarabt²;Amina Korchi²;Meziane Hamoud²;Khaled Karray²;Youssef Souissy² andSylvain Guilley²

Affiliations:¹KDDI Research, Inc., 2-1-15 Ohara, Fujimino-shi, Saitama, 356–8502, Japan;²Secure-IC, Z.A.C des Champs Blancs, 15 rue Claude Chappe, Bât. B, 35510, Cesson-Sévigné, France

Keyword(s):Post-quantum Cryptography, Lattice-based Cryptography, MLWRSign, Side-channel Analysis.

Abstract:Lattice-based cryptography is believed to be a promising candidate for post-quantum cryptography (PQC). The NIST announced that the third-round finalists in the standardization project of PQC (NIST-PQC) and four out of seven finalists are lattice-based cryptography. An implementation is desired that is resistant to side-channel analysis for the widespread use of lattice-based cryptography. This paper studies possible side-channel analysis on the signature scheme MLWRSign, a lattice-based signature scheme. We apply differential power analysis to the implementation of MLWRSign to specify all the sensitive parts. The experimental results show that only Karatsuba and Toom-Cook multiplications can be vulnerable to DPA with the Hamming weight power consumption model. Furthermore, we propose masking countermeasures for multiplication: inter-functional and intra-functional masking. Our lightweight countermeasure is beneficial to further enhance the security of post-quantum cryptography, which is naturally resistant to side-channel attacks.(More)