Conference Papers, Year: 2023

Security Assessment of NTRU Against Non-Profiled SCA



NTRU was first introduced by J. Hoffstein, J. Pipher and J.H. Silverman in 1998. Its security, efficiency and compactness properties have been carefully studied for more than two decades. A key encapsulation mechanism (KEM) version was even submitted to the NIST standardization competition and made it to the final round. Even though it has not been chosen to be a new standard, NTRU remains a relevant, practical and trustworthy post-quantum cryptographic primitive. In this paper, we investigate the side-channel resistance of the NTRU Decrypt procedure. In contrast with previous works about side-channel analysis on NTRU, we consider a weak attacker model and we focus on an implementation that incorporates some side-channel countermeasures. The attacker is assumed to be unable to mount powerful attacks, for instance by using templates or by forging malicious ciphertexts. In this context, we show how a non-profiled side-channel analysis can be done against a core operation of NTRU decryption. Despite the considered countermeasures and the weak attacker model, our experiments show that the secret key can be fully retrieved with a few tens of traces.
Main file: scantru_cardis.pdf (631.14 KB)
Origin: Files produced by the author(s)

Dates and versions

hal-03950393, version 1 (21-01-2023)



Luk Bettale, Julien Eynard, Simon Montoya, Guénaël Renault, Rémi Strullu. Security Assessment of NTRU Against Non-Profiled SCA. CARDIS 2022, Nov 2022, Birmingham, United Kingdom. pp.248-268, ⟨10.1007/978-3-031-25319-5_13⟩. ⟨hal-03950393⟩


