The increasing vulnerability of cryptographic systems to advanced attacks necessitates robust hardware security measures, and researchers are now focusing on protecting the fundamental building blocks of post-quantum cryptography. Rourab Paul from Shiv Nadar University, Paresh Baidya from the National Institute of Technology Jamshedpur, and Krishnendu Guha from SOA University have developed a new lightweight fault detection architecture for the Number Theoretic Transform (NTT), a crucial component in many post-quantum algorithms such as Kyber and NTRU. Their work addresses the risk of sensitive information leakage caused by hardware faults, either natural or intentionally introduced through side-channel attacks. The team's approach, which combines a recomputation technique with memory rule checkers, sets a new standard for efficiency: it requires just 16 slices and a single DSP block on an Artix-7 FPGA, achieves fault coverage ranging from 50.7% to 100% depending on the fault characteristics, and consumes only 3mW of power. This research significantly enhances the reliability and security of future cryptographic implementations in network processors and beyond.
Fault Detection in Post-Quantum Cryptographic Hardware
Researchers developed a novel fault detection framework to protect post-quantum cryptographic (PQC) algorithms implemented in hardware, addressing vulnerabilities that arise despite the mathematical security of these algorithms. The approach recognises that physical implementations are susceptible to faults, either naturally occurring or deliberately induced, which can compromise sensitive data. Consequently, the team focused on creating a system capable of identifying these faults within critical components of PQC systems before they can be exploited. The first technique, Recomputation with a Modular Offset (REMO), re-performs a calculation with a slight modification, allowing the system to cross-validate the two results and detect discrepancies indicative of a fault. Memory Rule Checkers, the second technique, establish expected patterns within memory operations and flag any deviations as potential errors. This efficient design is suitable for implementation on Field Programmable Gate Arrays (FPGAs) with minimal resource usage. The system achieves high fault coverage, between 50.7% and 100%, while occupying only a small area on the FPGA and consuming very little power. This low overhead is crucial for practical deployment, avoiding significant performance penalties or increased hardware costs. The researchers demonstrated the adaptability of REMO across various data sizes, fault magnitudes, and fault injection methods, highlighting its robustness. By combining REMO and Memory Rule Checkers, the team created a comprehensive fault detection system that addresses both computational and memory-related vulnerabilities within the NTT, offering a significant step towards secure hardware implementations of PQC algorithms.
Recomputation Detects NTT Faults Effectively
The increasing reliance on post-quantum cryptography (PQC) necessitates robust hardware security measures, as these algorithms, while mathematically resistant to attack, remain vulnerable to physical faults and intentional manipulation. The NTT, used in algorithms like Kyber and Dilithium, performs complex calculations using memory units and a core component called the Cooley-Tukey Butterfly Unit (CT-BU). Researchers have developed a new fault detection framework targeting both the CT-BU and the memory components of the NTT, achieving a significant advancement over existing methods.
The team proposes Recomputation with a Modular Offset (REMO) for the CT-BU's logic blocks, alongside Memory Rule Checkers for the memory components. REMO offers a novel approach to fault detection within Montgomery reduction, a key operation in the CT-BU, and is potentially applicable to a wider range of cryptographic calculations. The Memory Rule Checkers provide a separate layer of protection for the data stored within the NTT's memory units. This new framework demonstrates impressive fault coverage, detecting between 87.2% and 100% of faults in the CT-BU using REMO, and between 50.7% and 100% of faults in the memory units using the Memory Rule Checkers, adapting to different fault scenarios and system configurations. Importantly, this level of protection is achieved with remarkably low overhead, consuming only 16 slices and a single DSP block on an Artix-7 FPGA, with a power consumption of just 3mW. This contrasts with previous approaches, which often introduce significant resource overhead or performance penalties. The research distinguishes itself by independently targeting both the CT-BU and memory units with a lightweight and efficient design, offering a comprehensive and practical solution for securing PQC implementations against physical attacks. The research represents a significant step towards building truly secure and reliable cryptographic systems for the future.
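To make the two ideas above concrete, here is an added software model (not the paper's code or design): a Cooley-Tukey butterfly over Kyber's modulus q = 3329 that is checked by recomputing it on scaled operands and unscaling the result, contrasted with plain re-execution, plus a small coefficient memory with a parity bit per word and an in-place access rule. The scaling-by-a-constant recomputation, the parity rule and the address rule are this example's assumptions and stand in for the paper's REMO offset and Memory Rule Checkers; plain `%` reduction stands in for Montgomery reduction, and the single-twiddle stage is a simplification of a real NTT stage.

```python
"""Added example, not the paper's code: software model of (1) recomputation-based
fault detection for a Cooley-Tukey butterfly and (2) a rule-checked coefficient
memory. The scaling scheme, parity rule and address rule are assumptions made
for this example, not the designs described in the paper."""

Q = 3329  # Kyber modulus, used here as the ring parameter (assumption)


def butterfly(u, v, w, fault_bit=None):
    """Cooley-Tukey butterfly (u + w*v, u - w*v) mod Q.
    fault_bit models a persistent hardware fault on one wire of the multiplier
    output: the same bit is flipped on every invocation, like a stuck wire."""
    prod = w * v
    if fault_bit is not None:
        prod ^= 1 << fault_bit
    t = prod % Q  # plain reduction stands in for Montgomery reduction
    return (u + t) % Q, (u - t) % Q


def duplicate_check(u, v, w, fault_bit=None):
    """Plain re-execution: same operands, same persistent fault, same wrong
    answer, so the comparison passes and the fault is missed."""
    first = butterfly(u, v, w, fault_bit)
    second = butterfly(u, v, w, fault_bit)
    return first, first == second


def scaled_recompute_check(u, v, w, c=3, fault_bit=None):
    """Recompute on (c*u, c*v). The butterfly is linear in (u, v), so the
    fault-free result is c times the original and unscaling by c^-1 must
    reproduce it. A persistent fault of size e perturbs the first run by e and
    the unscaled second run by e*c^-1, so the two disagree whenever c != +-1."""
    first = butterfly(u, v, w, fault_bit)
    scaled = butterfly((c * u) % Q, (c * v) % Q, w, fault_bit)
    c_inv = pow(c, -1, Q)
    recovered = tuple((x * c_inv) % Q for x in scaled)
    return first, first == recovered


def parity(value):
    return bin(value).count("1") & 1


class CoefficientMemory:
    """Coefficient RAM with a parity bit per word and an access-pattern rule:
    an in-place butterfly may only write back addresses it has just read.
    Violations are collected in `alarms` so a stage can run to completion."""

    def __init__(self, coeffs):
        self.words = [(x, parity(x)) for x in coeffs]
        self.pending_reads = []
        self.alarms = []

    def read(self, addr):
        value, stored_parity = self.words[addr]
        if parity(value) != stored_parity:
            self.alarms.append(("parity", addr))
        self.pending_reads.append(addr)
        return value

    def write(self, addr, value):
        if addr in self.pending_reads:
            self.pending_reads.remove(addr)
        else:
            self.alarms.append(("address_rule", addr))
        self.words[addr] = (value, parity(value))

    def inject_bit_flip(self, addr, bit):
        """Model a memory fault: flip a stored data bit, leaving parity stale."""
        value, stored_parity = self.words[addr]
        self.words[addr] = (value ^ (1 << bit), stored_parity)


def ntt_stage(mem, n, length, zeta):
    """One in-place Cooley-Tukey stage over n coefficients. A single twiddle
    is used for every butterfly to keep the model short; a real stage uses a
    distinct twiddle per group. Returns the alarms raised by the memory."""
    for start in range(0, n, 2 * length):
        for j in range(start, start + length):
            u = mem.read(j)
            v = mem.read(j + length)
            a, b = butterfly(u, v, zeta)
            mem.write(j, a)
            mem.write(j + length, b)
    return mem.alarms


def demo():
    """Constructed input: 8 coefficients with a bit flipped in word 2."""
    mem = CoefficientMemory([1, 2, 3, 4, 5, 6, 7, 8])
    mem.inject_bit_flip(2, 0)
    return ntt_stage(mem, 8, 4, 17)


if __name__ == "__main__":
    print("duplicate check caught fault:", not duplicate_check(5, 7, 17, fault_bit=3)[1])
    print("scaled recompute caught fault:", not scaled_recompute_check(5, 7, 17, fault_bit=3)[1])
    print("memory alarms:", demo())
```

The point the model makes is why the recomputation must be modified rather than merely repeated: a persistent fault in the multiplier produces the same wrong product twice, so `duplicate_check` passes, whereas `scaled_recompute_check` feeds the faulty multiplier different operands and the error no longer cancels after unscaling. The memory side shows the complementary check: a stored bit that changes without its parity, or a write to an address that was not just read by the butterfly, is reported as an alarm for the surrounding logic to act on.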
FPGA Fault Detection Using Recomputation and Checkers
This research presents a new fault detection framework designed to enhance the security of post-quantum cryptographic (PQC) algorithms implemented on field-programmable gate arrays (FPGAs). Recognizing that PQC algorithms, while mathematically secure, remain vulnerable to hardware-level faults, the team developed methods to identify errors that could compromise cryptographic operations. REMO and Memory Rule Checkers both achieve significant fault detection rates, with REMO covering between 87.2% and 100% of injected faults and Memory Rule Checkers detecting between 50.7% and 100%, depending on the nature of the injected error. Importantly, the proposed framework achieves this high level of security with minimal hardware overhead, occupying only a small area on the FPGA and consuming very little power. This efficiency is crucial for deploying PQC algorithms in resource-constrained environments. Future work could focus on improving the fault coverage of the Memory Rule Checkers and exploring techniques to detect a wider range of fault types. The team also suggests that this framework could be adapted for use with other PQC algorithms and hardware platforms, contributing to the development of more robust and secure cryptographic systems.
👉 More information
🗞 Lightweight Fault Detection Architecture for NTT on FPGA
🧠 ArXiv: https://arxiv.org/abs/2508.03062
