Abstract
Plaintext-checking (PC) oracle-based key recovery attacks stand out as one of the most critical threats targeting Kyber because of their high efficiency and ease of implementation. In practical scenarios, however, the oracle's output may suffer accuracy degradation when it is instantiated through a side-channel trace distinguisher, owing to environmental noise and the cross-device issue. While various deep learning-based approaches have been proposed to address the inaccuracy caused by the cross-device issue, they often suffer from high complexity and limited interpretability. This work investigates numerous realistic side-channel attack (SCA) scenarios and focuses on the cross-device issue when implementing a reliable PC oracle in SCAs against Kyber. It proposes TtLR, which combines the t-test with a logistic regression model to implement a lightweight but efficient side-channel distinguisher against the Kyber KEM. The proposed approach is validated through experiments on STM32F407G boards equipped with ARM Cortex-M4 microcontrollers, using the Kyber512 implementation from the pqm4 library. The results demonstrate that the proposed method achieves high PC oracle accuracy across different boards with low computational and memory overhead, which makes the proposed distinguisher practical for deployment on resource-constrained platforms such as a Raspberry Pi running Linux.
Key recovery attacks based on a plaintext-checking oracle are currently among the most effective side-channel attack methods against the Kyber algorithm. In real application scenarios, however, because of environmental noise and the cross-device problem, the accuracy of the output of a plaintext-checking oracle instantiated through a side-channel trace distinguisher may decrease, which reduces the effectiveness of the attack. Existing solutions have drawbacks such as high complexity and limited interpretability. This paper studies the cross-device portability problem that arises when instantiating the plaintext-checking oracle in side-channel attacks against the Kyber algorithm under realistic side-channel attack scenarios. A lightweight and efficient method is proposed that combines the t-test with a logistic regression model to instantiate an efficient and lightweight plaintext-checking oracle against the Kyber key encapsulation mechanism. Experimental validation on STM32F407G development boards equipped with ARM Cortex-M4 microcontrollers shows that the proposed method achieves high plaintext-checking oracle accuracy on several different development boards, with lower computational and memory overhead than existing deep learning-based methods. The proposed method can be used to deploy an efficient plaintext-checking oracle for side-channel analysis on resource-constrained platforms.
Source
Journal of Cryptologic Research (密码学报, Chinese and English edition)
Peking University Core Journal
2025, Issue 6, pp. 1430-1444 (15 pages)
Journal of Cryptologic Research
Funding
National Natural Science Foundation of China (62172374).