Litcius/Paper detail

FPGA-based SPHINCS<sup>+</sup>Implementations: Mind the Glitch

Dorian Amiet, Lukas Leuenberger, Andreas Curiger, Paul Zbinden

202054 citationsDOI

Abstract

The digital signature scheme SPHINCS <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">+</sup> is a candidate in the NIST post-quantum project, whose aim is to standardize cryptographic systems that are secure against attacks originating from both quantum and classical computers. We present an efficient and, to our knowledge, first hardware implementation for SPHINCS <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">+</sup> . Our systematic approach of a performance-optimized FPGA architecture results in a 100x speed-up compared to the reference software-only implementation. Our investigation on a real-world implementation revealed a weakness regarding fault injection. The attack breaks the scheme completely. Collecting enough private information to forge a signature is a matter of seconds on our setup. We discuss possible countermeasures. A “sign-then-verify” operation unfortunately does not detect a faulty signature, but a full replication of the hardware might make a detection possible.

Topics & Concepts

Computer scienceDigital signatureField-programmable gate arrayNISTCryptographySignature (topology)SoftwareScheme (mathematics)Embedded systemComputer hardwareComputer engineeringComputer securityHash functionOperating systemMathematicsGeometryMathematical analysisNatural language processingCryptographic Implementations and SecurityCryptography and Data SecurityChaos-based Image/Signal Encryption