Backdooring Post-Quantum Cryptography: Kleptographic Attacks on Lattice-based KEMs

Prasanna Ravi; Shivam Bhasin; Anupam Chattopadhyay; Aikata; Sujoy Sinha Roy

Paper 2022/1681

Backdooring Post-Quantum Cryptography: Kleptographic Attacks on Lattice-based KEMs

Prasanna Ravi, Nanyang Technological University

Shivam Bhasin, Nanyang Technological University

Anupam Chattopadhyay, Nanyang Technological University

Aikata

Sujoy Sinha Roy, Graz University of Technology

Abstract

Post-quantum Cryptography (PQC) has reached the verge of standardization competition, with Kyber as a winning candidate. In this work, we demonstrate practical backdoor insertion in Kyber through kleptrography. The backdoor can be inserted using classical techniques like ECDH or post-quantum Classic Mceliece. The inserted backdoor targets the key generation procedure where generated output public keys subliminally leak information about the secret key to the owner of the backdoor. We demonstrate first practical instantiations of such attack at the protocol level by validating it on TLS 1.3.

Metadata

Available format(s): PDF
Category: Public-key cryptography
Publication info: Preprint.
Keywords: Kleptography Lattice-based Cryptography Kyber KEM Post-Quantum Cryptography Backdoor
Contact author(s): prasanna ravi @ ntu edu sg
sbhasin @ ntu edu sg
anupam @ ntu edu sg
aikata @ iaik tugraz at
sujoy sinharoy @ iaik tugraz at
History: 2022-12-03: revised; 2022-12-02: received; See all versions
Short URL: https://ia.cr/2022/1681
License: CC0

BibTeX

@misc{cryptoeprint:2022/1681,
      author = {Prasanna Ravi and Shivam Bhasin and Anupam Chattopadhyay and Aikata and Sujoy Sinha Roy},
      title = {Backdooring Post-Quantum Cryptography: Kleptographic Attacks on Lattice-based {KEMs}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/1681},
      year = {2022},
      url = {https://eprint.iacr.org/2022/1681}
}