A Hertzbleed-like attack against CPA-Kyber without Compress/Decompress and CCA-NTTRU, accompanying the paper
Hints from Hertz: Dynamic Frequency Scaling Side-Channel Analysis of Number Theoretic Transform in Lattice-Based KEMs
NB: This source code is CPU-specific.
We follow the same setup as Hertzbleed attack. Similarly, the repo is fully tested with an Intel i7-9700CPU with the Ubuntu20.04. We cannot ensure this code works in virtualized environments, on alternative CPUs, custom hardware configurations, or with different operating systems.
- Sage 10.2
This repository contains the following materials:
01-leakage-channel-workloads : the same as the one in Hertbleed, the code to test if the scaling of P-states leaks information in certain CPU.
02-Kyber-pureNTT contains the code that we used to perform the frequency measuremnt over NTT.
02b-Kyber-pureNTT-time contains the code that we used to perform timing mesurement over NTT.
03-CPA-Kyber contains the code that we used to perform the Kyber attack over the AVX2-implementation.
03-Kyber-KnownSK_C0C0_128pair_verification contains the code that we used to verify our attack is valid over multiple pairs.
04-CCA-NTTRU contains the code that we used to perform the NTTRU attack over the AVX2-implementation.
05-ToyExample contains the code of our ToyExample , Kyber-256 and the code that we used to perform the frequency measurement and the script to finish an end-to-end attack.
06-Bit_Estimation contains the code that we integrate the hints to DDGR AND estimate the security loss.
util: same as Hertbleed, contains scripts that can be used to run all the leakage model experiments and parse their results.