EP-4738765-A1 - A LIGHTWEIGHT FAULT COUNTERMEASURE FOR POST-QUANTUM KEMS

Abstract

A method is proposed to improve the resistance to fault attacks.

Inventors

  • SCHNEIDER, TOBIAS
  • BRONCHAIN, OLIVIER
  • AZOUAOUI, MELISSA

Assignees

  • NXP B.V.

Dates

Publication Date
20260506
Application Date
20241031

Claims (15)

  1. A computer-implemented method of processing a ciphertext to extract data from the ciphertext, the method implemented by a processing resource, the method comprising: receiving a first ciphertext encrypting data to be extracted; decrypting the first ciphertext to extract the data from the first ciphertext using a secret key to produce decrypted ciphertext data; re-encrypting the decrypted ciphertext data using a public key to produce an encrypted data set; determining and correcting the presence of at least one error in the decapsulation of the received ciphertext based on the encrypted data set and data associated with an invalid ciphertext.
  2. A method according to Claim 1, wherein the data to be extracted is associated with an encryption key.
  3. A method according to Claim 1, wherein the re-encryption of the decrypted ciphertext data using a public key comprises: re-encrypting the decrypted ciphertext data using a first processing entity to produce a first re-encryption output; and re-encrypting the decrypted ciphertext data using a second processing entity to produce a second re-encryption output.
  4. A method according to Claim 3, wherein the first processing entity and the second processing entity are distinct.
  5. A method according to Claim 3 or Claim 4, wherein the first and second re-encryption outputs are generated as a result of a comparison between re-encryption of the decrypted ciphertext data and the received ciphertext data.
  6. A method according to Claim 3, wherein identifying and correcting an error in the decapsulation of a provided ciphertext comprises: providing first data associated with the first re-encryption output and second data associated with the second re-encryption output to a majority function; providing the data associated with an invalid ciphertext to the majority function; and identifying and correcting an error of a fault attack based on the output of the majority function.
  7. A method according to any preceding claim, wherein the majority function is: DE = (b′ AND b″) XOR (b′ AND b‴) XOR (b″ AND b‴), where b′ is the first data associated with the first re-encryption output, b″ is the second data associated with the second re-encryption output, b‴ is the data associated with an invalid ciphertext and DE is the corrected output.
  8. A method according to any preceding claims, wherein the data associated with the invalid ciphertext comprises decision data associated with the validity or invalidity of the invalid ciphertext.
  9. A method according to any preceding claims wherein the data associated with the invalid ciphertext is associated with a previously successful fault attack.
  10. A method according to any preceding claims wherein the processing resource is a secure computing resource.
  11. A method according to any preceding claims, wherein the method further comprises: providing a corrected output indicating whether the provided first ciphertext is associated with a fault attack.
  12. A computer-implemented method of accessing data encrypted by a ciphertext, the method comprising: processing a ciphertext in accordance with the method of any one of claims 1 to 11 to extract a determination about the presence of at least one fault attack; obtaining the data encrypted by the ciphertext based on the determination of the presence of at least one fault attack.
  13. A non-transitory computer readable storage medium having stored thereon executable instructions that, as a result of being executed by a processor of a computer system, cause the computer system to at least perform the method of any one of any preceding claims.
  14. A system configured to implement the method of any preceding claims.
  15. A processing resource comprising a processor and memory including executable instructions that, as a result of execution by the processor, cause the reader to perform the method of any preceding claim.
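The decision stage described in Claims 3, 6 to 9 can be written out in a few lines. The following is an added example for this page and is not NXP's implementation or the patent's own code: the two re-encryption outputs of Claim 3 each yield a mismatch bit, a reference ciphertext that is already known to be invalid yields a third bit, and the majority function of Claim 7 combines them. `toy_reencrypt` is a constructed keyed-hash stand-in for the deterministic public-key re-encryption of a Fujisaki-Okamoto-style KEM (it is not ML-KEM), and all key and ciphertext bytes are constructed sample values. The fault survey at the end goes slightly beyond the claims: it enumerates every single-bit fault on the three decision bits and checks whether any of them makes an invalid ciphertext pass.

```python
import hashlib
import hmac


def majority(b1: int, b2: int, b3: int) -> int:
    """Majority function of Claim 7: DE = (b' AND b'') XOR (b' AND b''') XOR (b'' AND b''').
    Inputs are single decision bits: 0 = ciphertext reproduced (accept), 1 = mismatch (reject)."""
    return (b1 & b2) ^ (b1 & b3) ^ (b2 & b3)


def mismatch_bit(received_ct: bytes, reencrypted_ct: bytes) -> int:
    """1 if re-encryption fails to reproduce the received ciphertext, else 0.
    Constant-time comparison so the check itself leaks no timing information."""
    return 0 if hmac.compare_digest(received_ct, reencrypted_ct) else 1


def toy_reencrypt(public_key: bytes, message: bytes) -> bytes:
    """Constructed stand-in (assumption, not ML-KEM) for the deterministic public-key
    re-encryption step: a keyed hash keeps the example self-contained and offline."""
    return hmac.new(public_key, message, hashlib.sha256).digest()


def protected_check(public_key: bytes, received_ct: bytes, decrypted_m: bytes,
                    invalid_ref_ct: bytes, invalid_ref_m: bytes) -> int:
    """Decapsulation decision with the countermeasure. Returns 1 (reject) or 0 (accept)."""
    # Claim 3: two re-encryption outputs from a first and a second processing entity.
    # Here both are sequential calls of the same function; in hardware they would be
    # distinct units so that one transient fault cannot hit both.
    b1 = mismatch_bit(received_ct, toy_reencrypt(public_key, decrypted_m))
    b2 = mismatch_bit(received_ct, toy_reencrypt(public_key, decrypted_m))
    # Claims 8-9: decision bit obtained by processing a reference ciphertext already known
    # to be invalid. An unfaulted decapsulation always rejects it, so b3 is expected to be 1.
    b3 = mismatch_bit(invalid_ref_ct, toy_reencrypt(public_key, invalid_ref_m))
    return majority(b1, b2, b3)


def unprotected_decision(b1: int, b2: int, b3: int) -> int:
    """Baseline for comparison: a single comparison bit decides, no redundancy."""
    return b1


def single_fault_survey(decision) -> list:
    """Honest decision bits for an INVALID ciphertext are (1, 1, 1). Flip each bit in turn,
    modelling one transient fault on one bit, and return the indices whose flip makes the
    invalid ciphertext accepted (decision 0), i.e. the faults the combiner fails to absorb."""
    honest = (1, 1, 1)
    accepted = []
    for i in range(3):
        faulted = list(honest)
        faulted[i] ^= 1
        if decision(*faulted) == 0:
            accepted.append(i)
    return accepted


# Constructed sample values (not from the patent).
PUBLIC_KEY = b"constructed-public-key-bytes"
SHARED_SEED = b"constructed-shared-secret-seed"
VALID_CT = toy_reencrypt(PUBLIC_KEY, SHARED_SEED)
INVALID_REF_CT = bytes(32)          # no message re-encrypts to all zeros (overwhelming probability)
INVALID_REF_M = b"constructed-reference-message"


def demo() -> tuple:
    """Returns (decision for a valid ct, decision for a tampered ct,
    faults accepted by the protected combiner, faults accepted by the baseline)."""
    valid = protected_check(PUBLIC_KEY, VALID_CT, SHARED_SEED, INVALID_REF_CT, INVALID_REF_M)
    tampered = bytearray(VALID_CT)
    tampered[0] ^= 0x01
    rejected = protected_check(PUBLIC_KEY, bytes(tampered), SHARED_SEED, INVALID_REF_CT, INVALID_REF_M)
    return valid, rejected, single_fault_survey(majority), single_fault_survey(unprotected_decision)


if __name__ == "__main__":
    print(demo())   # (0, 1, [], [0])
```

Because b‴ is 1 whenever the reference check is intact, the combiner reduces to "reject if either re-encryption comparison reports a mismatch", so flipping any one of the three bits never turns a rejection into an acceptance. A fault on one bit during a valid decapsulation can still produce a spurious rejection, which is the fail-safe direction. The baseline with a single comparison bit accepts the invalid ciphertext as soon as that one bit is flipped.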

Description

FIELD

The invention relates to a method and system. Particularly, but not exclusively, the invention relates to a computer-implemented method and system. Particularly, but not exclusively, the invention relates to a computer-implemented method of processing a ciphertext to extract data from the ciphertext. Particularly, but not exclusively, the invention relates to a lightweight fault countermeasure for post-quantum key encapsulation mechanisms.

BACKGROUND

Key encapsulation mechanisms (KEM) are widely used approaches to transmitting data (e.g. keys) between parties and are particularly popular when it comes to transmitting data which needs to be secure from access by unauthorised third parties. KEM approaches are vulnerable to various types of attack as malicious third parties seek to access the data which is being transmitted between parties. Example attacks include chosen-ciphertext fault attacks and chosen-ciphertext detection-assisted fault attacks, which target the decapsulation of the data encrypted within ciphertexts. It is important that approaches are developed to resist these attacks, especially in view of the processing restrictions on embedded computing devices.

Recent significant advances in quantum computing have accelerated the research into post-quantum cryptography schemes, i.e. cryptographic algorithms which run on classical computers but which remain secure even when faced with an adversary with a quantum computer. Aspects and embodiments were conceived with the foregoing in mind.

SUMMARY

Aspects relate to the identification and correction of errors during the execution of a KEM ciphertext decapsulation. Aspects may be used alongside key encapsulation and decapsulation methods, for example module-lattice-based key encapsulation methods (ML-KEM), to identify faults which may be generated by a malicious entity.
Viewed from a first aspect, there is provided a computer-implemented method of processing a ciphertext. The method may be used to identify and correct errors in the provided ciphertext. The error may have been injected during ciphertext decapsulation. A ciphertext may be understood to mean encrypted data which is unreadable and which can only be deciphered using a key. It may be the result of using an encryption algorithm to transform plain text (or secret data such as, for example, an encryption key) into a series of random letters and numbers. The method may be used to extract data from the ciphertext. The ciphertext may encapsulate data in accordance with a key encapsulation mechanism such as, for example, the module-lattice key encapsulation mechanism (ML-KEM). By extracting the data, we may mean reversing the effect of the encryption of the encrypted data to obtain the data which is intended to be unreadable to entities other than those who have the appropriate key. An example of such data may be an encryption key.

The method may be implemented by a processing resource. The processing resource may be hardware or software implemented. The processing resource may be hosted within a secure computing environment. An example of such an environment may be a trusted execution environment. The processing resource may be any resource which can provide processing capacity.

The method may comprise receiving a first ciphertext encrypting data to be extracted. The ciphertext may be received over a telecommunications network such as, for example, the world-wide web, or over any other suitable data transmission protocol or media. The method may comprise decrypting the first ciphertext to extract the data from the first ciphertext using a secret key to produce decrypted ciphertext data. The secret key may be described as a private key. The secret key may be obtained from storage. The secret key may be generated by the processing resource using any suitable approach such as, for example, asymmetric cryptography.

The method may comprise re-encrypting the decrypted ciphertext data using a public key to produce an encrypted data set. The public key may be related to the secret key using asymmetric cryptography. The public key may be obtained from storage.

The method may comprise identifying and correcting at least one error in the decapsulation of a first ciphertext based on the encrypted data set and data associated with an invalid ciphertext which is suitable for a fault attack. An invalid ciphertext is a ciphertext which is chosen because it has already been identified as being associated with a fault attack. On identification of the at least one error in the decapsulation of a first ciphertext, the processing resource may correct the error. The error may be the result of a malicious entity who is perpetrating a fault attack. The decapsulation, if it is identified to contain an error and subsequently corrected, can then no longer be used by the malicious entity, as the error has already been corrected by the operator of the processing resource. By determining the likel