
NSF Org: CNS Division Of Computer and Network Systems
Recipient:
Initial Amendment Date: September 5, 2018
Latest Amendment Date: October 15, 2020
Award Number: 1801512
Award Instrument: Continuing Grant
Program Manager: Karen Karavanic, kkaravan@nsf.gov, (703)292-2594, CNS Division Of Computer and Network Systems, CSE Directorate for Computer and Information Science and Engineering
Start Date: October 1, 2018
End Date: August 31, 2024 (Estimated)
Total Intended Award Amount: $450,000.00
Total Awarded Amount to Date: $450,000.00
Funds Obligated to Date: FY 2019 = $110,108.00; FY 2020 = $234,321.00
History of Investigator:
Recipient Sponsored Research Office: 4400 UNIVERSITY DR FAIRFAX VA US 22030-4422, (703)993-2295
Sponsor Congressional District:
Primary Place of Performance: 4400 University Drive Fairfax VA US 22030-4422
Primary Place of Performance Congressional District:
Unique Entity Identifier (UEI):
Parent UEI:
NSF Program(s): Secure & Trustworthy Cyberspace
Primary Program Source: 01001920DB NSF RESEARCH & RELATED ACTIVIT; 01002021DB NSF RESEARCH & RELATED ACTIVIT; 01002122DB NSF RESEARCH & RELATED ACTIVIT
Program Reference Code(s):
Program Element Code(s):
Award Agency Code: 4900
Fund Agency Code: 4900
Assistance Listing Number(s): 47.070
ABSTRACT
Quantum computers are believed to have the potential to perform specialized calculations beyond the reach of any supercomputer in existence today, threatening today's major public-key cryptography standards. Post-Quantum Cryptography (PQC) is devoted to the design and analysis of cryptographic algorithms that resist all known attacks using quantum computers, yet can themselves be implemented on classical computing platforms based on current semiconductor technologies. This project aims to develop effective methods of protecting implementations of emerging PQC schemes against powerful side-channel attacks that exploit the power consumption of cryptographic devices and/or intentional transient faults affecting their operation.
The algorithms to be investigated represent several major PQC families and three major categories of public-key cryptography applications: encryption, digital signature, and key encapsulation mechanism. The goal of the project is to determine the cost of effective countermeasures against power and fault attacks in terms of the commonly accepted software and hardware performance metrics. The research thrusts will (i) investigate the effects of countermeasures against fault attacks on resilience to power attacks, and (ii) propose solutions that achieve combined fault- and power-analysis resilience. The project will involve several significant extensions to the preliminarily developed experimental platform, the Flexible Open-source workBench fOr Side-channel analysis (FOBOS).
Power and fault attacks are real threats to the practical implementation of PQC and may significantly thwart the successful transition to new standards. This project will conduct a systematic, long-term study of countermeasures against these attacks, which may make the transition to PQC more secure, benefiting Internet users worldwide. The outreach activities will include motivational lectures at high schools, promoting and supervising undergraduate research, and organizing a series of international competitions for graduate students. The knowledge and experience gained will be integrated into several course modules, developed jointly by all investigators and shared online.
It is expected that multiple algorithms, computer-aided design tools, software programs, and hardware designs will be developed throughout the project period. Project deliverables will be made available to researchers and educators in the non-profit sector, such as universities, research institutions, and government laboratories. To make it easy to maintain, disseminate, and distribute code and data from this project, a single server will be dedicated to keeping all draft and final copies of the deliverables. This server will be maintained through the project period and for an additional five years beyond it. The project website will be continuously available at http://www.pqcSCA.com.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH
PROJECT OUTCOMES REPORT
Disclaimer
This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.
A significant number of cryptographic standards in common use at the beginning of this project were vulnerable to powerful attacks, possible only using the emerging new generation of computing devices called quantum computers. The goal of this project was to support the standardization organizations, such as the National Institute of Standards and Technology (NIST), to seek suitable replacements, referred to as post-quantum cryptography (PQC) standards, and make their implementations resistant against a broad class of attacks called side-channel attacks (SCA), with a special focus on timing, power, and fault attacks. Although the current generation of quantum computers is not yet powerful enough to break existing standards, the exact timeline is hard to predict, and thus, it is prudent to start the transition to new standards as quickly as possible. To make this transition as fast and cost-effective as possible, PQC standards must be easy to implement efficiently and securely on a variety of traditional platforms, from smartphones to cloud servers. At the same time, they must be resistant against all known and foreseeable attacks involving both quantum computers and classical supercomputers.
To achieve the grant goals, the three university groups involved in this project jointly developed numerous hardware, software/hardware, and embedded software implementations for over a dozen candidate algorithms competing to become the new standards. All implementations were made resilient against timing attacks and suitable for extensions with power and fault-attack countermeasures. In particular, they included the fastest hardware implementations of the new PQC standards ML-KEM (a.k.a. CRYSTALS-Kyber) and ML-DSA (a.k.a. CRYSTALS-Dilithium) reported in the literature at the time of the standards' publication in August 2024. To further analyze and extend these implementations, the project team significantly enhanced its low-cost, open-source, experimental platform for the evaluation of the SCA countermeasures, called the Flexible Open-source workBench fOr Side-channel analysis (FOBOS). The extensions and improvements included two orders of magnitude higher speed of analysis, support for several new prototyping boards, support for mounting fault attacks and evaluating countermeasures against them, etc. Using FOBOS, we executed successful key-recovery, side-channel attacks against unprotected implementations developed by both members of our group and leading cryptographic engineering groups worldwide, demonstrating a clear need for effective countermeasures. The implementations protected against fault and power attacks have been developed for the following common building blocks of PQC algorithms: Number Theoretic Transform (NTT), polynomial multiplication, finite field multipliers, finite field inverters, hash functions, random samplers, etc. The implementations protected against one or both types of these attacks have been developed for several lattice-based schemes (including the recently published PQC standards: ML-KEM and ML-DSA), code-based schemes (including possible future standards: Classic McEliece and BIKE), and isogeny-based schemes (SIDH and SIKE). 
The cost of the proposed countermeasures was analyzed and optimized in terms of the commonly accepted software and hardware performance metrics, such as execution time, resource utilization (e.g., area, memory, etc.), and power consumption. Particular attention was placed on developing algorithmic countermeasures capable of protecting multiple algorithms and multiple types of implementations.
The project has had significant broad impacts. The project team has actively assisted NIST in evaluating over a dozen candidates for new PQC standards from the point of view of their efficiency and security in hardware and embedded systems, facilitating the selection of candidates suitable for a broad range of practical applications. Since side-channel attacks (SCAs) are real threats to the practical implementation of cryptography and may significantly thwart the successful transition to PQC, preventing these attacks is of paramount importance during the transition period. This project has paved the way for the systematic long-term study of SCA countermeasures that will help to make such a transition secure, affecting billions of Internet users worldwide. Members of the team have widely disseminated their findings through journal and peer-reviewed conference papers, numerous invited talks given in the United States and abroad, and open-source code. The project contributed to the graduation of 12 Ph.D. students from the three participating universities. These students found employment in leading U.S. high-tech companies, such as Apple, Amazon Web Services (AWS), IBM, and Microsoft. Several students defended their Master's Theses in the same area. Additionally, several other students substantially advanced their Ph.D. research. All PIs and co-PIs have substantially enhanced their courses with the comprehensive coverage of PQC and SCA. In particular, a novel and unique educational lab was developed to accompany a senior-level undergraduate course on the foundations of cryptography. Three dedicated courses, titled "Design & Attack Secure Embedded Systems," "Post-Quantum Cryptography," and "Side-Channel Security," were developed from scratch and offered for the first time in the Spring semesters of 2023, 2024, and 2025, respectively. Our overall goal was to substantially increase the number of U.S. students and professionals knowledgeable about PQC, SCA attacks, and SCA countermeasures.
Last Modified: 02/11/2025
Modified by: Krzysztof Gaj