Ciphertext Malleability in Lattice-Based KEMs as a Countermeasure to Side Channel Analysis

Abstract

Due to developments in quantum computing, classical asymmetric cryptography is at risk of being breached. Consequently, new Post-Quantum Cryptography (PQC) primitives using lattices are studied. Another point of scrutiny is the resilience of these new primitives to Side Channel Analysis (SCA), where an attacker can study physical leakages. In this work we discuss a SCA vulnerability due to the ciphertext malleability of some PQC primitives exposed by a work from Ravi et al. We propose a novel countermeasure to this vulnerability exploiting the same ciphertext malleability and discuss its practical application to several PQC primitives. We also extend the seminal work of Ravi et al. by detailing their attack on the different security levels of a post-quantum Key Encapsulation Mechanism (KEM), namely FrodoKEM. We also provide a generalisation of their attack to different parameters which could be used in future similar primitives.