Side-channel Attack On Rainbow Post-quantum Signature

David Pokorný (a), Petr Socha (b) and Martin Novotný (c)
Czech Technical University in Prague, Faculty of Information Technology, Czech Republic
(a) pokord11@fit.cvut.cz
(b) petr.socha@fit.cvut.cz
(c) martin.novotny@fit.cvut.cz

ABSTRACT

Rainbow, a layered multivariate quadratic digital signature, is a candidate for standardization in a competition-like process organized by NIST. In this paper, we present a CPA (correlation power analysis) side-channel attack on the submitted 32-bit reference implementation. We evaluate the attack on an STM32F3 ARM microcontroller, successfully revealing the full private key. Furthermore, we propose a simple masking scheme with minimal overhead.

Keywords: Post-quantum Cryptography, Digital Signature, Multivariate Quadratic, Side-Channel Analysis, Embedded Systems.
