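@comment{
  Citation for the masked (side-channel-resistant) Saber implementation paper.
  Names are entered in "Last, First" form so BibTeX splits them correctly;
  SABER is braced in the title to survive style-applied sentence casing;
  month uses the predefined macro so styles can localise/abbreviate it.
}
@article{10.1145/3429983,
  author     = {Van Beirendonck, Michiel and D'Anvers, Jan-Pieter and Karmakar, Angshuman and Balasch, Josep and Verbauwhede, Ingrid},
  title      = {A Side-Channel-Resistant Implementation of {SABER}},
  year       = {2021},
  issue_date = {April 2021},
  publisher  = {Association for Computing Machinery},
  address    = {New York, NY, USA},
  volume     = {17},
  number     = {2},
  issn       = {1550-4832},
  url        = {https://doi.org/10.1145/3429983},
  doi        = {10.1145/3429983},
  abstract   = {The candidates for the NIST Post-Quantum Cryptography standardization have undergone extensive studies on efficiency and theoretical security, but research on their side-channel security is largely lacking. This remains a considerable obstacle for their real-world deployment, where side-channel security can be a critical requirement. This work describes a side-channel-resistant instance of Saber, one of the lattice-based candidates, using masking as a countermeasure. Saber proves to be very efficient to masking due to two specific design choices: power-of-two moduli and limited noise sampling of learning with rounding. A major challenge in masking lattice-based cryptosystems is the integration of bit-wise operations with arithmetic masking, requiring algorithms to securely convert between masked representations. The described design includes a novel primitive for masked logical shifting on arithmetic shares and adapts an existing masked binomial sampler for Saber. An implementation is provided for an ARM Cortex-M4 microcontroller, and its side-channel resistance is experimentally demonstrated. The masked implementation features a 2.5x overhead factor, significantly lower than the 5.7x previously reported for a masked variant of NewHope. Masked key decapsulation requires less than 3,000,000 cycles on the Cortex-M4 and consumes less than 12kB of dynamic memory, making it suitable for deployment in embedded platforms.},
  journal    = {J. Emerg. Technol. Comput. Syst.},
  month      = apr,
  articleno  = {10},
  numpages   = {26},
  keywords   = {SABER, Post-quantum cryptography, ARM Cortex-M4, masking},
}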