International Association
for Cryptologic Research

CRYSTALS-Kyber has been recently selected by the NIST as a post-quantum public-key encryption and key-establishment algorithm to be standardized. This makes it important to assess how well CRYSTALS-Kyber implementations withstand side-channel attacks. The first-order masked implementations of CRYSTALS-Kyber have been already analyzed. In this talk, we will present a side-channel attack on a higher-order masked implementation of CRYSTALS-Kyber. We will show how to recover messages from up to the fifth-order masked implementations of CRYSTALS-Kyber in ARM Cortex-M4 CPU by a deep learning-based power analysis. The talk is expected to be of interest to industry which is currently preparing for a shift to quantum-resistant cryptographic algorithms.