Exploring Side-Channel Protections in Hardware Implementations of PQC ML-KEM Verification
By Davis Ranney 1, Yashaswini I Makaram 1, A. Adam Ding 2, Yunsi Fei 2
1 Electrical and Computer Engineering, Northeastern University, Boston, USA
2 Mathematics, Northeastern University, Boston, USA

Abstract
As ML-KEM is adopted as a post-quantum cryptographic standard, resilience against physical side-channel attacks has become essential. Among its constituent steps, the Fujisaki-Okamoto (FO) verification performed during decapsulation is particularly vulnerable to side-channel power and electromagnetic (EM) analysis. In this work, we focus on common FPGA-based implementations, examine their side-channel vulnerabilities, and compare them with those of microcontroller implementations. Three verification implementations (unprotected, hash-based first-order, and higher-order masked) are evaluated for side-channel security on both a microcontroller and an FPGA. While FPGAs offer higher speed and parallelism, they often exhibit stronger side-channel leakage, especially in high-bandwidth configurations. The higher-order masked designs still leak information about the underlying data due to hardware-level effects and data-dependent processing. Our experiments show that their parallelized processing on FPGAs introduces sufficient first-order leakage for full secret-key recovery. These results underscore the persistent challenge of securing PQC algorithms in performance-constrained and parallelized hardware environments.
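To make the step the abstract is about concrete, the following is an added illustration (not the paper's code, nor a reference ML-KEM implementation) of the FO decapsulation check with implicit rejection, in two of the three forms the abstract names: a direct byte-wise comparison of the re-encrypted ciphertext against the received one, and a hash-based comparison that hashes both ciphertexts and compares only the digests in constant time. The hash labels G, J and h follow the FIPS 203 decapsulation description; the public-key encryption underneath is a symmetric stand-in (an assumption, so the flow runs offline) rather than K-PKE, and the higher-order masked variant is not modelled here.

```python
# Added illustration of the ML-KEM-style FO decapsulation check.
# Not the paper's code; the PKE below is a toy stand-in (assumption).
import hashlib
import hmac
import secrets


def G(data: bytes) -> tuple[bytes, bytes]:
    """G = SHA3-512, split into (K, r) as in ML-KEM."""
    d = hashlib.sha3_512(data).digest()
    return d[:32], d[32:]


def J(data: bytes) -> bytes:
    """J = SHAKE256 with 32-byte output, used for implicit rejection."""
    return hashlib.shake_256(data).digest(32)


# Toy stand-in for K-PKE (assumption): ek and dk are the same 32-byte key, and the
# ciphertext is a 16-byte tag derived from r followed by the keystream-masked message.
def toy_encrypt(ek: bytes, m: bytes, r: bytes) -> bytes:
    tag = hashlib.sha3_256(r).digest()[:16]
    pad = hashlib.shake_256(b"toy-pke" + ek + tag).digest(len(m))
    return tag + bytes(x ^ y for x, y in zip(m, pad))


def toy_decrypt(dk: bytes, c: bytes) -> bytes:
    tag, body = c[:16], c[16:]
    pad = hashlib.shake_256(b"toy-pke" + dk + tag).digest(len(body))
    return bytes(x ^ y for x, y in zip(body, pad))


def keygen() -> dict:
    sk = secrets.token_bytes(32)
    ek = sk  # toy: public and private halves coincide
    return {"ek": ek, "dk": sk, "h": hashlib.sha3_256(ek).digest(),
            "z": secrets.token_bytes(32)}


def encaps(keys: dict) -> tuple[bytes, bytes]:
    m = secrets.token_bytes(32)
    K, r = G(m + keys["h"])
    return K, toy_encrypt(keys["ek"], m, r)


def compare_direct(c: bytes, c_prime: bytes) -> bool:
    """Unprotected check: the secret-derived c' is compared byte by byte against
    the received c, exiting on the first mismatch."""
    if len(c) != len(c_prime):
        return False
    for a, b in zip(c, c_prime):
        if a != b:
            return False
    return True


def compare_hashed(c: bytes, c_prime: bytes) -> bool:
    """Hash-based check: both ciphertexts are hashed and only the digests are
    compared, in constant time, so c' itself is never compared against c."""
    return hmac.compare_digest(hashlib.sha3_256(c).digest(),
                               hashlib.sha3_256(c_prime).digest())


def implicit_reject_key(keys: dict, c: bytes) -> bytes:
    """K_bar = J(z || c): the key returned when verification fails."""
    return J(keys["z"] + c)


def decaps(keys: dict, c: bytes, compare=compare_hashed) -> bytes:
    """FO decapsulation: decrypt, re-encrypt, verify; on mismatch return K_bar
    instead of signalling failure (implicit rejection)."""
    m_prime = toy_decrypt(keys["dk"], c)
    K_prime, r_prime = G(m_prime + keys["h"])
    K_bar = implicit_reject_key(keys, c)
    c_prime = toy_encrypt(keys["ek"], m_prime, r_prime)
    if not compare(c, c_prime):
        K_prime = K_bar
    return K_prime


if __name__ == "__main__":
    keys = keygen()
    K, c = encaps(keys)
    c_bad = c[:-1] + bytes([c[-1] ^ 1])  # constructed tampered ciphertext
    print("valid accepted:", decaps(keys, c, compare_direct) == K)
    print("tampered -> K_bar:", decaps(keys, c_bad) == implicit_reject_key(keys, c_bad))
```

Both comparison routines yield the same accept/reject decision, which is the point: the hash-based form changes only what the hardware handles during the comparison, not the protocol result. The paper's finding is that on an FPGA even the hashed and higher-order masked variants can leak through parallel, data-dependent processing, so a functionally correct check like the one above is necessary but not sufficient.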