Publikation
Efficiently Masking Polynomial Inversion at Arbitrary Order
Markus Krausz; Georg Land; Jan Richter-Brockmann; Tim Güneysu
In: 13th International Conference on Post-Quantum Cryptography (PQCrypto 2022). International Conference on Post-Quantum Cryptography (PQCrypto-2022), September 28-30, 2022.
Zusammenfassung
Physical side-channel analysis poses a huge threat to post-quantum cryptographic schemes implemented on embedded devices. Still, secure implementations are missing for many schemes. In this paper, we present an efficient solution for masked polynomial inversion, a main component of the key generation of multiple post-quantum KEMs. For this, we introduce a polynomial-multiplicative masking scheme with efficient arbitrary order conversions from and to additive masking. Furthermore, we show how to integrate polynomial inversion and multiplication into the masking schemes to reduce costs considerably. We demonstrate the performance of our algorithms for two different post-quantum cryptographic schemes on the Cortex-M4. For NTRU, we measure an overhead of 35% for the first-order masked inversion compared to the unmasked inversion while for BIKE the overhead is as little as 11%. Lastly, we verify the security of our algorithms for the first masking order by measuring and performing a TVLA based side-channel analysis.