Researchers from KTH Royal Institute of Technology have demonstrated a side-channel vulnerability in implementations of CRYSTALS-Kyber, one of the post-quantum key-encapsulation algorithms chosen by the US government.
The attack targets side-channel leakage from masked implementations of CRYSTALS-Kyber, up to fifth-order masking, running on an ARM Cortex-M4 CPU, according to a paper by Elena Dubrova, Kalle Ngo, and Joel Gärtner.
The algorithm is one of four post-quantum algorithms chosen by the US National Institute of Standards and Technology (NIST) after a rigorous multi-year effort to identify next-generation cryptographic standards that can withstand attacks from large-scale quantum computers.
The underlying idea is that the physical effects of a cryptographic implementation, such as its power consumption or electromagnetic emissions, can be measured and used to deduce secret-dependent intermediate values, and from them sensitive information such as the decrypted message or the secret key.
One of the popular countermeasures to harden cryptographic implementations against physical attacks is masking, which splits each secret-dependent variable into several random shares so that the computation is randomized and the side-channel leakage of any single share carries no information about the secret; an implementation masked at order d uses d+1 shares, and an attacker must combine leakage from all of them.
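To make the masking argument concrete, here is an added Python model that is not code from the paper or from any Kyber implementation. It uses additive masking over Kyber's modulus q = 3329 and the coefficient 1665 that Kyber uses to encode a message bit of 1; the Hamming-weight leakage model standing in for power measurements, the share count, and the sample sizes are assumptions made for illustration only.

```python
import random

Q = 3329                 # Kyber's modulus q
HALF_Q = (Q + 1) // 2    # 1665: the coefficient Kyber uses to encode a message bit of 1


def encode_bit(m):
    """Map a message bit (0 or 1) to the polynomial coefficient it is encoded as."""
    return m * HALF_Q


def mask(x, order, rng):
    """Split x into order+1 additive shares mod Q.

    The first `order` shares are uniformly random; the last one is chosen so
    that all shares sum to x. Any subset of `order` shares is independent of x.
    """
    shares = [rng.randrange(Q) for _ in range(order)]
    shares.append((x - sum(shares)) % Q)
    return shares


def unmask(shares):
    """Recombine additive shares (done inside the device, never by the attacker)."""
    return sum(shares) % Q


def hamming_weight(v):
    """Simulated leakage model (an assumption for illustration): a power sample
    proportional to the number of set bits in the value being processed."""
    return bin(v).count("1")


def check_roundtrip(order, seed, trials=200):
    """True if masking then unmasking recovers every sampled value at this order."""
    rng = random.Random(seed)
    samples = [rng.randrange(Q) for _ in range(trials)]
    return all(unmask(mask(x, order, rng)) == x for x in samples)


def mean_share_leakage(m, order, n, seed):
    """Average simulated leakage of the secret-dependent share (the last one)
    while the device processes message bit m, over n independent maskings."""
    rng = random.Random(seed)
    x = encode_bit(m)
    return sum(hamming_weight(mask(x, order, rng)[-1]) for _ in range(n)) / n


if __name__ == "__main__":
    # Unmasked: leakage of the coefficient itself separates the two bit values perfectly.
    print("unmasked HW, bit 0:", hamming_weight(encode_bit(0)))   # 0
    print("unmasked HW, bit 1:", hamming_weight(encode_bit(1)))   # 4
    # Masked at fifth order: the dependent share's average leakage is the same for both bits.
    for m in (0, 1):
        print(f"bit {m}, mean HW of last share:", round(mean_share_leakage(m, 5, 20000, m), 3))
```

The model shows why first-order leakage of any one share is useless: even the share that is computed from the secret is uniformly distributed once the other shares are random. Recovering a message bit from a masked implementation therefore requires combining leakage from all d+1 shares, which is the task a higher-order attack on a fifth-order masked implementation has to solve.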
However, the attack devised by the researchers uses a neural network training method they call recursive learning to recover message bits from the masked implementation with a high probability of success.
When reached for comment, NIST told The Hacker News that the approach does not break the algorithm itself and that the findings don’t affect the standardization process of CRYSTALS-Kyber.