
How to Correctly and Securely Implement Post-Quantum Cryptographic Algorithms

Sylvain Guilley Youssef Souissi 张帆 杨博麟

密码学报 (Journal of Cryptologic Research), 2023, Vol. 10, Issue (3): 650-666, 17 pages. DOI: 10.13868/j.cnki.jcr.000624


Post-Quantum Cryptography—Having It Implemented Right

Sylvain Guilley 1, Youssef Souissi 1, 张帆 2, 杨博麟 3

Author information

  • 1. Télécom-Paris, Institut Polytechnique de Paris, Paris, France; Secure-IC, 75014 Paris, France
  • 2. College of Computer Science and Technology / School of Cyber Science and Technology, Zhejiang University, Hangzhou 310058; Alibaba-Zhejiang University Joint Research Institute of Frontier Technologies, Hangzhou 310058
  • 3. College of Information Science and Electronic Engineering, Zhejiang University, Hangzhou 310058

Abstract

Post-quantum cryptography (PQC) refers to novel requirements in asymmetric cryptography, namely key exchange, asymmetric encryption and digital signature. In PQC, the cryptographic computation shall resist not only attacks from classic computers, but also from quantum computers. Still, PQC algorithms are mathematical functions which are implemented conventionally (as software, hardware, etc.). Therefore, regular implementation-level attacks apply. In this paper, we list the challenges associated with the implementation of PQC, in particular vulnerabilities related to side-channel analyses. Some features in PQC, such as modular arithmetic in finite fields, inversions, non-uniform random number sampling, or decoding algorithms, are intrinsically hard to evaluate in constant time. First, we detail the detection and the prevention of leakage arising from conditional control flow and from conditional access to data structures. Second, we apply the same methodology to data leakage, in the situation where the manipulated data is randomly split into several shares (a protection known as "masking"). Conventional detection of vertical leakage is not appropriate in the presence of countermeasures such as masking. This paper shows that proper implementation of PQC requires knowledge of security evaluation and of secure coding. Owing to the large variety of PQC algorithms (key generation, encapsulation/decapsulation, signature verification/generation), classes (lattice-based, code-based, multivariate, etc.) and their configurations (key size, conforming to IND-CCA or IND-CPA security, etc.), generic methods shall be available. Those are overviewed in this paper, which is intended to provide the readers with comprehensive coverage of secure code evaluation and design.

Keywords

post-quantum cryptography (PQC) / side-channel attacks / security evaluation

Classification

Information Technology and Security Science

Cite this article

Sylvain Guilley, Youssef Souissi, 张帆, 杨博麟. How to Correctly and Securely Implement Post-Quantum Cryptographic Algorithms [J]. 密码学报 (Journal of Cryptologic Research), 2023, 10(3): 650-666, 17 pages.

Funding

This work is partly financed via:

  • National Key Research and Development Program of China (2020AAA0107700)
  • National Natural Science Foundation of China (62227805, 62072398)
  • SUTD-ZJU IDEA Grant for visiting professors (SUTD-ZJUVP201901)
  • Alibaba-Zhejiang University Joint Institute of Frontier Technologies
  • National Key Laboratory of Science and Technology on Information System Security (6142111210301)
  • State Key Laboratory of Mathematical Engineering and Advanced Computing
  • Key Laboratory of Cyberspace Situation Awareness of Henan Province (HNTS2022001)
  • RISQ PIA Project (http://risq.fr/)
  • BRAINE Project from the European Union's Horizon 2020/ECSEL research and innovation programme (N° 876967)

密码学报 (Journal of Cryptologic Research), ISSN 2095-7025. Indexing: OA, PKU Core (北大核心), CSCD, CSTPCD.
