IACR News item: 03 December 2022
Prasanna Ravi, Shivam Bhasin, Anupam Chattopadhyay, Aikata Aikata, Sujoy Sinha Roy
ePrint Report
Post-quantum Cryptography (PQC) has reached the verge of standardization competition, with Kyber as a winning candidate. In this work, we demonstrate practical backdoor insertion in Kyber through kleptrography. The backdoor can be inserted using classical techniques like ECDH or post-quantum Classic Mceliece. The inserted backdoor targets the key generation procedure where generated output public keys subliminally leak information about the secret key to the owner of the backdoor. We demonstrate first practical instantiations of such attack at the protocol level by validating it on TLS 1.3.
Additional news items may be found on the IACR news page.