CRII: SaTC: Secure Instruction Set Extensions for Lattice-Based Post-Quantum Cryptosystems

CRII：SaTC：基于格的后量子密码系统的安全指令集扩展

• 批准号: 1850373
• 负责人: Aydin Aysu
• 金额: $ 17.48万
• 依托单位: North Carolina State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2019
• 资助国家: 美国
• 起止时间: 2019-02-15 至 2022-01-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1850373&HistoricalAwards=false
• 关键词: CRII; SaTC; Secure; Instruction; Set

The emergence of quantum computers poses a serious threat for existing security standards, which motivates post-quantum cryptography (PQC) research. Various PQC schemes have been proposed for standardization, whose mathematical soundness are under investigation. Unfortunately, even a mathematically sound cryptography scheme may be attacked at the implementation level. The primary research goal of this project is to develop secure implementations for lattice-based cryptosystems, a major class of PQC encryption proposals. This work specifically addresses the fundamental power and electromagnetic side-channel vulnerabilities of physical implementations which may leak information. The intellectual merit of this project is a novel framework that employs instruction set extensions to compose side-channel protected software, which can provide comprehensive side-channel security. By contrast, research on side-channel analysis of lattice cryptosystems have so far been limited to point solutions that evaluate a single instance. The research tasks are to extract a set of common operations for lattice-based cryptosystems, to build side-channel resistant versions of these arithmetic computations, to use a side-channel aware compiler for re-composing the software with the protected instructions, and to evaluate/benchmark side-channel security and countermeasure overheads.The broader impacts of the project include disseminating publications, distributing open-source hardware and software, and bridging the research on computer architectures and hardware security. This bridge is critical as secure computer architectures currently exclude physical side-channels in their threat model. This work may also help the ongoing quantum-secure encryption standardization effort led by the National Institute of Standards and Technology (NIST), by evaluating the submitted lattice cryptography-based proposals. This project will use a repository with multiple back up servers to store and log the data, and the major results and hardware and software products will be made publicly available by using resources over the world wide web. Further information on the project repository will be made accessible at https://research.ece.ncsu.edu/aaysu/research.html. The repository is intended to be actively maintained for the duration of the project.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

量子计算机的出现对现有的安全标准构成了严重威胁，这推动了后量子密码学(PQC)的研究。各种PQC方案已被提出用于标准化，其数学可靠性正在调查中。不幸的是，即使是数学上可靠的密码方案也可能在实现级别上受到攻击。这个项目的主要研究目标是开发基于格的密码系统的安全实现，这是一类主要的PQC加密方案。这项工作专门解决了可能泄漏信息的物理实现的基本电源和电磁侧通道漏洞。该项目的智能优点是一个新颖的框架，它使用指令集扩展来组成旁路保护软件，可以提供全面的旁路安全。相比之下，对格型密码系统的旁路分析的研究到目前为止仅限于评估单个实例的点解。研究任务是提取一组基于格的密码系统的常见操作，构建这些算术计算的抗旁路版本，使用旁路感知编译器重新编写带有受保护指令的软件，评估/基准旁路安全和对抗开销。该项目的更广泛影响包括传播出版物，分发开源硬件和软件，以及将计算机体系结构和硬件安全的研究联系起来。由于安全计算机体系结构目前在其威胁模型中排除了物理侧通道，因此此桥接非常关键。这项工作还可能通过评估提交的基于晶格密码学的提案，帮助由国家标准与技术研究所(NIST)领导的正在进行的量子安全加密标准化工作。该项目将使用一个有多个备份服务器的储存库来存储和记录数据，主要成果以及硬件和软件产品将通过使用万维网上的资源向公众提供。有关项目储存库的更多信息将在https://research.ece.ncsu.edu/aaysu/research.html.上提供该储存库将在项目期间积极维护。这一奖励反映了NSF的法定使命，并通过使用基金会的智力优势和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

MaskedNet: The First Hardware Inference Engine Aiming Power Side-Channel Protection

• DOI: 10.1109/host45689.2020.9300276
• 发表时间: 2019-10
• 期刊: 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)
• 作者: Anuj Dubey;Rosario Cammarota;Aydin Aysu

FALCON Down: Breaking FALCON Post-Quantum Signature Scheme through Side-Channel Attacks

• DOI: 10.1109/dac18074.2021.9586131
• 发表时间: 2021-12
• 期刊: 2021 58th ACM/IEEE Design Automation Conference (DAC)
• 作者: Emre Karabulut;Aydin Aysu

An Extensive Study of Flexible Design Methods for the Number Theoretic Transform

• DOI: 10.1109/tc.2020.3017930
• 发表时间: 2020-08
• 期刊: IEEE Transactions on Computers
• 影响因子: 3.7
• 作者: A. Mert;Emre Karabulut;Erdinç Öztürk;E. Savaş;Aydin Aysu

Teaching the Next Generation of Cryptographic Hardware Design to the Next Generation of Engineers

向下一代工程师教授下一代加密硬件设计

• DOI: 10.1145/3299874.3317994
• 发表时间: 2019
• 期刊: Proceedings of the 2019 on Great Lakes Symposium on VLSI
• 作者: Aysu, Aydin

Horizontal Side-Channel Vulnerabilities of Post-Quantum Key Exchange and Encapsulation Protocols

• DOI: 10.1145/3476799
• 发表时间: 2021-11
• 期刊: ACM Trans. Embed. Comput. Syst.
• 作者: Furkan Aydin;Aydin Aysu;Mohit Tiwari;A. Gerstlauer;M. Orshansky