Secure Implementation of Post-Quantum Cryptography
DOI: https://doi.org/10.54654/isj.v1i24.1079
Keywords: Post-Quantum Cryptography, algorithm, implementation, performances, countermeasures, provisioning, authorization, secure channel, Multi-Factor Authentication, attestation
Abstract
Post-Quantum Cryptography (PQC) is now required by several institutions and vendors, especially for applications related to low-level security functions (secure boot, firmware management, secure channel establishment, etc.). Standardized PQC algorithms must not only conform exactly to their specification, but also be implemented in accordance with market requirements. Those mostly consist of Performance-Power-Area (PPA) and certification constraints. In turn, PPA encompasses trade-offs between speed and implementation size, but also an optimal fit with the available resources (vectorization in software, parallelism in hardware, dedicated accelerators in embedded systems, etc.). Certification relates to secure implementation in the presence of adversaries trying to gain information on the secrets, for instance by exploiting surreptitious information leakage (secret-dependent timing or power consumption). There is an interplay between PPA and certification aspects that we detail in this paper, for different classes of PQC algorithms. We also give some insights on the order in which PQC algorithms will be rolled out, dictated by the requirement to implement in hardware some services which cannot be retrofitted later on in software, namely those in charge of firmware lifecycle management.
License
Proposed Policy for Journals That Offer Open Access
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).