Keysight Technologies collaborated with PQShield to evaluate the side-channel attack resistance of PQShield's implementation of the Module-Lattice-Based Digital Signature Algorithm (ML-DSA), a post-quantum digital signature algorithm selected to protect against attacks from both classical and quantum computers.
The evaluation took place at Keysight's Device Security Lab in Delft, Netherlands, and a facility in San Francisco. It focused on validating the implementation's resilience against side-channel attacks, particularly power analysis. Keysight applied side-channel analysis methodologies and precision measurement tools over hundreds of hours of testing, collecting and analyzing over two million traces. The assessment found no evidence of first-order power side-channel leakage in the ML-DSA implementation.
PQShield's ML-DSA uses a two-share masking scheme for the core polynomial multiplication operation to counter side-channel threats. The evaluation confirmed the effectiveness of this countermeasure. Axel Poschmann, VP of Product at PQShield, stated that Keysight's independent validation supports refinement of designs and adherence to stringent security standards. Durga Lakshmi Ramachandran, PQC Solution Lead at Keysight, said the project advances security testing for emerging cryptographic challenges and assists industry leaders in strengthening solutions against side-channel threats.
The work aligns with requirements for high-assurance certifications such as Common Criteria and PSA Certified, as post-quantum cryptography implementations require updated evaluation methods due to their new algorithmic structures.
Keysight's Inspector Software suite, including the Crypto 3 addition to the platform, supports embedded security validation. Crypto 3 allows faster prototyping and analysis of new ciphers and attack strategies by breaking down cryptographic operations into independent blocks, enabling targeted testing of specific components.
