Lightweight authenticated ciphers are crucial in many resource-constrained applications, including online payment, edge computing, and the Internet of Things. However, the current
standard AES-GCM is not adequate for many applications. Recent developments in quantum computing have increased the urgency of deploying post-quantum cryptographic standards
that withstand both quantum and classical attacks. In response to these needs, the US National
Institute of Standards (NIST) coordinates two standardization processes to evaluate and
ratify suitable algorithms.
Although resistance to mathematical cryptanalysis is paramount, cost, performance,
and resistance to side-channel attacks are among the most critical selection criteria. The
development of side-channel protected implementations is necessary for a fair evaluation of
candidates since algorithms have a different cost of protection. Real-world implementations,
especially lightweight applications with little physical security, are vulnerable to side-channel
attacks. As a result, producing side-channel resistant implementations and quantifying the
impact of countermeasures on cost and performance shed light on how a given algorithm
will perform in practical settings.
In this research, we study the effect of applying side-channel countermeasures to the
NIST LWC candidates Xoodyak and TinyJAMBU and the NIST PQC candidate Saber
with a concentration on hardware implementations. Specifically, we employ the Domain-Oriented
Masking countermeasure to produce two first-order protected implementations of
Xoodyak. For TinyJAMBU, we present a flexible implementation that is synthesizable for
an arbitrary order of protection. For Saber, we first develop a lightweight design and then apply
masking countermeasures. We also report the protection overhead in terms of performance
and cost.
In parallel, we developed the tools necessary for this research to improve on the existing
FOBOS platform. We significantly improved the efficiency and flexibility of the system while
using affordable hardware components. Our upgrades resulted in an efficient system capable
of performing leakage assessment and attacks on FPGA cryptographic implementations. We
also improved the usability of the system to address research and education needs. Our work
aims at establishing methodologies and providing tools to develop and evaluate LWC and
PQC candidates. Also, the results provide a more realistic look at the practical cost and
performance of the algorithms studied.