Binary Ring-LWE Hardware with Power Side-Channel Countermeasures

  • Authors: Aydin Aysu (UT/Austin), Andreas Gerstlauer (UT/Austin), Michael E. Orshansky (UT/Austin), Mohit Tiwari (UT/Austin)
  • Publication ID:
  • Publication Type:
  • Received Date:
  • Last Edit Date:
  • 2384.008 (University of Michigan)


We describe the first hardware implementation of a quantum-secure encryption scheme along with its low-cost power side-channel countermeasures. The encryption uses an implementation-friendly Binary-Ring-Learning-with-Errors (B-RLWE) problem with binary errors that can be efficiently generated in hardware. We demonstrate that a direct implementation of B-RLWE exhibits vulnerability to power side-channel attacks, even to Simple Power Analysis, due to the nature of binary coefficients. We mitigate this vulnerability with a redundant addition and memory update. To further protect against Differential Power Analysis (DPA), we use a B-RLWE-specific opportunity to construct a lightweight yet effective countermeasure based on randomization of intermediate states and masked threshold decoding. On a SAKURA-G FPGA board, we show that our method increases the required number of measurements for DPA attacks by 40× compared to the unprotected design. Our results also quantify the trade-off between side-channel security and the hardware area cost of B-RLWE.
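The Simple Power Analysis weakness and the "redundant addition and memory update" fix described in the abstract can be illustrated with a software model of the multiply-accumulate at the heart of B-RLWE. The following Python is an added example written for this page, not code from the paper or its FPGA design: the ring dimension `N` and modulus `Q` are toy values chosen here (the paper's parameters are not stated on this page), the operation counter is a constructed stand-in for the power trace (each executed add/write is one unit of observable activity), and the comparison shows why a conditional add leaks the Hamming weight of the binary secret while an always-add-then-select loop does constant work. Python itself gives no constant-time guarantee; the point is the operation-count model, which is what a hardware datapath would make visible.

```python
"""Toy model (constructed, not the paper's hardware) of binary-coefficient
multiply-accumulate in Z_Q[x]/(x^N + 1) with and without the redundant
addition and memory update countermeasure."""

import random

N = 8      # toy ring dimension (assumption; the paper's N is not given here)
Q = 256    # toy modulus (assumption; the paper's q is not given here)


def mul_unprotected(a, e):
    """Naive schoolbook multiply of public polynomial a by binary secret e.

    The add and the accumulator write happen only when e[j] == 1, so the
    amount of datapath/memory activity equals N * HammingWeight(e).  An
    observer counting that activity (the SPA setting from the abstract)
    learns the weight of e directly.  Returns (product, activity_count)."""
    acc = [0] * N
    activity = 0
    for i in range(N):
        for j in range(N):
            if e[j]:                       # secret-dependent branch
                k = i + j
                term = a[i] if k < N else -a[i]   # x^N = -1 wrap-around
                acc[k % N] = (acc[k % N] + term) % Q
                activity += 1              # one add + one write observed
    return acc, activity


def mul_redundant(a, e):
    """Same product with redundant addition and memory update.

    Every iteration computes the sum and writes the accumulator; the secret
    bit only selects whether the new or the old value is written back.  The
    activity count is therefore always N * N, independent of e."""
    acc = [0] * N
    activity = 0
    for i in range(N):
        for j in range(N):
            k = i + j
            term = a[i] if k < N else -a[i]
            candidate = (acc[k % N] + term) % Q   # always computed
            sel = -e[j]                           # 0 -> 0b000..., 1 -> 0b111...
            # branch-free select (values are non-negative, so the mask works)
            acc[k % N] = (candidate & sel) | (acc[k % N] & ~sel)  # always written
            activity += 1
    return acc, activity


def activity_depends_on_secret(mul, a, e1, e2):
    """True if the activity 'trace' lets an observer distinguish e1 from e2."""
    return mul(a, e1)[1] != mul(a, e2)[1]


if __name__ == "__main__":
    rng = random.Random(1)                            # fixed seed for the demo
    a = [rng.randrange(Q) for _ in range(N)]
    light = [1, 0, 0, 0, 0, 0, 0, 0]                  # low Hamming weight secret
    heavy = [1, 1, 1, 1, 1, 1, 1, 0]                  # high Hamming weight secret
    for name, mul in (("unprotected", mul_unprotected), ("redundant", mul_redundant)):
        prod_l, act_l = mul(a, light)
        prod_h, act_h = mul(a, heavy)
        print(f"{name:12s} activity light={act_l:3d} heavy={act_h:3d} "
              f"distinguishable={activity_depends_on_secret(mul, a, light, heavy)}")
    assert mul_unprotected(a, heavy)[0] == mul_redundant(a, heavy)[0]
```

Both functions return the same polynomial product; only the activity profile differs. Running the demo prints a secret-dependent count for the unprotected loop and a flat 64 for the redundant one, which is the SPA-level property the abstract's first countermeasure targets (the DPA countermeasures, randomized intermediate states and masked threshold decoding, are a separate layer not modelled here).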

