Fault-Injection Attacks Against NIST's Post-Quantum Cryptography Round 3 KEM Candidates

Published: 01 Jan 2021, Last Modified: 28 Jan 2025. Venue: ASIACRYPT (2) 2021. License: CC BY-SA 4.0
Abstract: We investigate all NIST PQC Round 3 KEM candidates from the viewpoint of fault-injection attacks: Classic McEliece, Kyber, NTRU, Saber, BIKE, FrodoKEM, HQC, NTRU Prime, and SIKE. All KEM schemes use variants of the Fujisaki-Okamoto transformation, so the equality test with re-encryption in decapsulation is critical.