1、#BHUSA BlackHatEventsBypassing PQC Signature Verification with Bypassing PQC Signature Verification with Fault Injection:Dilithium,XMSS,SPHINCS+Fault Injection:Dilithium,XMSS,SPHINCS+Fikret Garipay#BHUSA BlackHatEventsHello!Security Engineer at Keysight Device Security Testing Passionate about softw
2、are exploitation and hardware attacks Twitter:erd0spyFikret Garipay2#BHUSA BlackHatEventsAgenda Introduction to Post Quantum Cryptography Target Implementation Voltage Fault Injection in Practice Fault Injection Attacks on Dilithium Verification Fault Injection Attacks on WOTS+in XMSS and SPHINCS+Fa
3、ult Injection on Fault Resistance XMSS Library Key Takeaways and Conclusions3#BHUSA BlackHatEventsIntroduction to Post Quantum Cryptography4#BHUSA BlackHatEventsPost-Quantum Crypto Is Getting Real Quantum computers arent breaking crypto yet.The shift is underway with standards,vendors,firmware PQC i
4、s set to replace RSA,ECC in secure boot,firmware signing,and more.That makes PQC fresh attack surface.5#BHUSA BlackHatEventsPQC Signatures Are Becoming Global StandardsAlgorithmSignature Scheme TypeCNSA 2.0(NSA)StandardDilithiumLattice-basedRequired for all digital signatures(general use)NIST FIPS 2
5、04(ML-DSA)LMSStateful hash-basedApproved for firmware/software signingISO/IEC 14888-4:2024XMSSStateful hash-basedApproved for firmware/software signingISO/IEC 14888-4:2024SPHINCS+Stateless hash-basedNot approved for any use in NSSNIST FIPS 205(SLH-DSA)6#BHUSA BlackHatEventsPQC Signatures in Industry
6、 Multiple vendors now offer PQC solutions for Firmware Update,Secure Boot,Signature VerificationSource:Fabrication begins for production OpenTitan silicon7#BHUSA BlackHatEventsPQC Signatures in Industry Multiple vendors now offer PQC solutions for Firmware Update,Secure Boot,Signature Verification O