Practical Side-Channel Attack on Message Encoding in Masked Kyber.

Since the message encoding in lattice-based schemes is vulnerable to side-channel attacks, a first-order masked message encoder has been proposed and applied to multiple masked implementations. However, the security of the masked encoder still lacks enough evaluation. In this paper, we investigate the security of the masked message encoder in a masked Kyber implementation. First, we give a detailed side-channel leakage analysis of the masked implementation in a specific platform, and we explain the technical challenges of designing a key recovery attack for the masked implementations. Even so, we still found a new 2-stage key recovery attack, which overcomes the difficulties and can recover the whole private key of the masked Kyber implementation with only 9 traces. In our experiments, we validate the attack on a Cortex-M4-based development board and the success rate of key recovery is almost up to 100% in 1000 experiments. According to the experiment results, the masked encoder can not prevent side-channel attacks efficiently and newer masking techniques are needed.