Moody: Researchers didn’t break Crystals-Kyber algorithm; standards course unchanged
Dustin Moody, who leads the post-quantum cryptography project for the National Institute of Standards and Technology, told IQT News the ongoing standardization of the Crystals-Kyber algorithm will not be affected by new research findings that media reports and social media comments have portrayed as a method for breaking the algorithm.
In fact, Moody and subject matter experts posting in the pqc-forum Google Group pointed out that the paper explaining the research, authored by Elena Dubrova, Kalle Ngo, and Joel Gärtner from the KTH Royal Institute of Technology in Stockholm, Sweden, does not claim to break the algorithm itself, but rather a particular “fifth-order masked implementation of the algorithm.” (IQT has emailed the authors asking for further comment.)
Asked by IQT News via email if the research findings would affect the ongoing standardization of Crystals-Kyber, which was selected as a PQC standard by NIST last July and is expected to be finalized next year, Moody stated, “No. This looks to be a nice research result dealing with side channel attacks and analysis, but it does not ‘break’ Crystals-Kyber. It dealt with a particular implementation of Kyber – not the algorithm itself. See a nice explanation on the pqc-forum (https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/w4o-VCza_so/m/OF9J7b4UAgAJ).”
Moody added, “Side-channel work was part of the evaluation, and will continue to be studied going forward. It highlights the need to have protected implementations. There exist papers that attack pretty much every cryptographic algorithm using side-channels. Countermeasures are developed, and many of the attacks aren’t realistic or practical in real-world scenarios.”
Moody said NIST appreciates the contribution of the research, but added that media misinterpretations of the findings of such papers can be “a bit of a distraction.”
Dan O’Shea has covered telecommunications and related topics including semiconductors, sensors, retail systems, digital payments and quantum computing/technology for over 25 years.