TY - JOUR
T1 - Finding More Hints–Improved Power Analysis Attacks on Dilithium
AU - Sun, Yiteng
AU - Zhang, Tianfu
AU - Huang, Zhuo
AU - Yu, Yu
AU - Zhuang, Yan
AU - Sun, Shuo
AU - Wang, Weijia
N1 - Publisher Copyright:
© 2005-2012 IEEE.
PY - 2025
Y1 - 2025
N2 - CRYSTALS-Dilithium (referred to as Dilithium) is a standard in NIST’s post-quantum cryptography project. However, its design does not include protections against attacks exploiting intermediate data leakage. Since Ravi and Bruinderink introduced schemes to forge Dilithium signatures, numerous works have leveraged power analysis attacks to exploit vulnerabilities in Dilithium implementations. In this paper, we revisit previous attacks and identify promising optimization strategies for hints-oriented attacks. In such attacks, an adversary first utilizes side-channel leakage to derive hint equations related to the secret key and then solves for the secret key using these equations. Our new strategy enables each signature to generate more valid hint equations, significantly reducing the number of required signatures for a successful attack. By incorporating machine learning techniques, specifically the Convolutional Neural Network (CNN), we can efficiently detect hint equations with high accuracy. Furthermore, by combining a lattice-based algorithm with hybrid filtering methods, our scheme can further reduce the required number of hint equations. Additionally, our attack method is applicable to Dilithium security levels 2, 3, and 5. For Dilithium-2, the proposed attack successfully recovers the complete secret key even under low Signal-to-Noise Ratio (SNR) conditions, requiring 395, 330, and 305 signatures at SNRs of 0.0167, 0.0210, and 0.0406, respectively.
AB - CRYSTALS-Dilithium (referred to as Dilithium) is a standard in NIST’s post-quantum cryptography project. However, its design does not include protections against attacks exploiting intermediate data leakage. Since Ravi and Bruinderink introduced schemes to forge Dilithium signatures, numerous works have leveraged power analysis attacks to exploit vulnerabilities in Dilithium implementations. In this paper, we revisit previous attacks and identify promising optimization strategies for hints-oriented attacks. In such attacks, an adversary first utilizes side-channel leakage to derive hint equations related to the secret key and then solves for the secret key using these equations. Our new strategy enables each signature to generate more valid hint equations, significantly reducing the number of required signatures for a successful attack. By incorporating machine learning techniques, specifically the Convolutional Neural Network (CNN), we can efficiently detect hint equations with high accuracy. Furthermore, by combining a lattice-based algorithm with hybrid filtering methods, our scheme can further reduce the required number of hint equations. Additionally, our attack method is applicable to Dilithium security levels 2, 3, and 5. For Dilithium-2, the proposed attack successfully recovers the complete secret key even under low Signal-to-Noise Ratio (SNR) conditions, requiring 395, 330, and 305 signatures at SNRs of 0.0167, 0.0210, and 0.0406, respectively.
KW - Dilithium
KW - Lattice-based cryptography
KW - Machine-learning
KW - Power analysis attack
KW - Profiling attacks
UR - https://www.scopus.com/pages/publications/105018383671
U2 - 10.1109/TIFS.2025.3618387
DO - 10.1109/TIFS.2025.3618387
M3 - Article
AN - SCOPUS:105018383671
SN - 1556-6013
JO - IEEE Transactions on Information Forensics and Security
JF - IEEE Transactions on Information Forensics and Security
ER -