A practical key-recovery attack on LWE-based key-encapsulation mechanism schemes using Rowhammer
Puja Mondal, Suparna Kundu, Sarani Bhattacharya, Angshuman Karmakar, Ingrid Verbauwhede

TL;DR
This paper presents a practical physical attack on lattice-based post-quantum key encapsulation schemes like Kyber and Saber using Rowhammer, revealing vulnerabilities in their cryptographic components.
Contribution
It introduces a microarchitectural attack methodology targeting the Fujisaki-Okamoto transform in lattice-based KEMs and proposes an improved plaintext checking oracle to enhance attack efficiency.
Findings
Successfully demonstrated attack on Kyber and Saber schemes.
Reduced oracle query complexity by up to 39%.
Showed practical feasibility with minimal attacker prerequisites.
Abstract
Physical attacks are serious threats to cryptosystems deployed in the real world. In this work, we propose a microarchitectural end-to-end attack methodology on generic lattice-based post-quantum key encapsulation mechanisms to recover the long-term secret key. Our attack targets a critical component of a Fujisaki-Okamoto transform that is used in the construction of almost all lattice-based key encapsulation mechanisms. We demonstrate our attack model on practical schemes such as Kyber and Saber by using Rowhammer. We show that our attack is highly practical and imposes little preconditions on the attacker to succeed. As an additional contribution, we propose an improved version of the plaintext checking oracle, which is used by almost all physical attack strategies on lattice-based key-encapsulation mechanisms. Our improvement reduces the number of queries to the plaintext checking…
Taxonomy
Topics: Cryptographic Implementations and Security · Quantum-Dot Cellular Automata · Physical Unclonable Functions (PUFs) and Hardware Security
