
February 2, 2022

Information

New developments and experiments on the hardware security of post-quantum cryptography accepted to Asiacrypt 2021 and CHES 2022

Post-quantum cryptography (PQC) is next-generation public-key cryptography designed to remain secure against quantum computers. NTT, in collaboration with Tohoku University, surveyed the physical security of PQC implementations in software and hardware. The survey found that eight out of nine public-key encryption candidates for international standards have implementation-related vulnerabilities. We devised and verified countermeasures against these vulnerabilities. One of those results was accepted to Asiacrypt 2021 (International Conference on the Theory and Application of Cryptology and Information Security), an international conference hosted by the International Association for Cryptologic Research (IACR), and was presented at the conference, held December 6 to 10, 2021. The other was accepted to IACR Transactions on Cryptographic Hardware and Embedded Systems, an academic journal of the IACR, and its electronic version was published earlier in the 2022 edition. It will be presented at CHES 2022 (the Cryptographic Hardware and Embedded Systems conference) in September 2022.

PQC is next-generation public-key cryptography that remains secure against quantum computers. The National Institute of Standards and Technology (NIST) in the United States is working to standardize PQC. In addition to mathematical security, physical security assessment is an essential aspect of this standardization. Side-channel attacks and fault-injection attacks are analysis methods that physically observe and manipulate the computation of products that implement cryptography. Physical security requires resistance to attacks that steal decryption keys through these methods.

NTT Social Informatics Laboratories (Keita Xagawa, Senior Researcher, and Junko Takahashi, Senior Researcher) and Tohoku University have jointly investigated the physical security of implementing PQC in software and hardware. As a result, we found that eight out of nine public-key encryption candidates for NIST international standards have physical vulnerabilities. We also conducted experiments to evaluate the feasibility of attacks, such as theft of decryption keys, that exploit these vulnerabilities. In addition, we devised and verified implementation measures to prevent those vulnerabilities.

Because PQC will be implemented on a wide variety of devices, we will contribute to the safety of ICT devices and systems by conducting experiments on PQC in various systems.

NTT Social Informatics Laboratories will continue to contribute to the realization of safe and secure services through research and development of cryptographic and security technologies.

[Reference]

  1. Rei Ueno, Keita Xagawa, Yutaro Tanaka, Akira Ito, Junko Takahashi, Naofumi Homma, "Curse of Re-encryption: A Generic Power/EM Analysis on Post-Quantum KEMs," IACR Transactions on Cryptographic Hardware and Embedded Systems, 2022 (1): 296-322 (2022).
  2. Keita Xagawa, Akira Ito, Rei Ueno, Junko Takahashi, Naofumi Homma, "Fault-Injection Attacks Against NIST's Post-Quantum Cryptography Round 3 KEM Candidates," in Advances in Cryptology - Asiacrypt 2021 - 27th International Conference on the Theory and Application of Cryptology and Information Security, Singapore, December 6-10, 2021, Proceedings, Part II.

Information is current as of the date of issue of the individual topics.
Please be advised that information may be outdated after that point.