HAETAE: Shorter lattice-based Fiat-Shamir signatures
We present HAETAE (Hyperball bimodAl modulE rejecTion signAture schemE), a new lattice-
based signature scheme. Like the NIST-selected Dilithium signature scheme, HAETAE is …
Exploiting the Central Reduction in Lattice-Based Cryptography
This paper questions the side-channel security of central reduction technique, which is
widely adapted in efficient implementations of Lattice-Based Cryptography (LBC). We show …
Raccoon: A masking-friendly signature proven in the probing model
This paper presents Raccoon, a lattice-based signature scheme submitted to the NIST 2022
call for additional post-quantum signatures. Raccoon has the specificity of always being …
Zero-Value Filtering for Accelerating Non-Profiled Side-Channel Attack on Incomplete NTT based Implementations of Lattice-based Cryptography
Lattice-based cryptographic schemes such as Crystals-Kyber and Dilithium are post-
quantum algorithms selected to be standardized by NIST as they are considered to be …
Breaking and protecting the crystal: Side-channel analysis of Dilithium in hardware
The lattice-based CRYSTALS-Dilithium signature scheme has been selected for
standardization by the NIST. As part of the selection process, a large number of …
Correction fault attacks on randomized CRYSTALS-Dilithium
After NIST's selection of Dilithium as the primary future standard for quantum-secure digital
signatures, increased efforts to understand its implementation security properties are …
Single trace HQC shared key recovery with SASCA
This paper presents practicable single trace attacks against the Hamming Quasi-Cyclic
(HQC) Key Encapsulation Mechanism. These attacks are the first Soft Analytical Side …
Exploiting small-norm polynomial multiplication with physical attacks: Application to CRYSTALS-Dilithium
O Bronchain, M Azouaoui, M ElGhamrawy… - Cryptology ePrint …, 2023 - eprint.iacr.org
We present a set of physical profiled attacks against CRYSTALS-Dilithium that accumulate
noisy knowledge on secret keys over multiple signatures, finally leading to a full recovery …
Low-Latency Masked Gadgets Robust against Physical Defaults with Application to Ascon
G Cassiers, FX Standaert… - IACR Transactions on …, 2024 - ojs.ub.ruhr-uni-bochum.de
Low-latency masked hardware implementations are known to be a difficult challenge. On the
one hand, the propagation of glitches can falsify their independence assumption (that is …
A provably masked implementation of BIKE Key Encapsulation Mechanism
L Demange, M Rossi - Cryptology ePrint Archive, 2024 - eprint.iacr.org
BIKE is a post-quantum key encapsulation mechanism (KEM) selected for the 4th round of
the NIST's standardization campaign. It relies on the hardness of the syndrome decoding …