Testing Post-Quantum Cryptography Implementation Security

This document consolidates community-driven insights and recommendations for implementation security testing of post-quantum cryptography, detailing essential terminology, open-source tools, hardware/software implementations, and strategies for creating reproducible side-channel datasets tailored to the unique challenges of PQC algorithms.

Latest version: Testing Post-Quantum Cryptography Implementation Security v0.5 (6/4/2025)

BibTeX
@misc{pqc-optimist2025,
  author       = {Aydin Aysu and Daniel Dinu and Kris Gaj and Fatemeh Ganji and Mona Hashemi and Renita J and Dev Mehta and Markku-Juhani O. Saarinen and Patrick Schaumont and Caner Tol},
  title        = {Open Tools, Interfaces and Metrics for Implementation Security Testing: Testing Post-Quantum Cryptography Implementation Security},
  year         = {2025},
  month        = {June},
  day          = {4},
  version      = {0.5},
  note         = {Working Document},
  url          = {https://optimist-ose.org/assets/files/pqc05-06308116ce3dcd2d2edd34255985f303.pdf},
  institution  = {Optimist OSE},
  howpublished = {Online},
}

Opening Talks

  • Markku-Juhani O. Saarinen, Professor of Practice, Tampere University — How to do Dilithium TVLA (with Adams Bridge examples) [Slides]

    Abstract

    TVLA leakage assessments are often used in academia and industry to demonstrate the effectiveness of PQC side-channel countermeasures. TVLA is discussed in the ISO/IEC 17825:2024 standard and may eventually be part of FIPS 140 testing procedures. However, applying TVLA to PQC algorithms such as ML-KEM and ML-DSA is not as straightforward as one might think; for example, the test designer must understand which of the numerous key and internal variables are sensitive -- and which are not. We use the Adams Bridge accelerator as an example case. Adams Bridge is the ML-DSA (Dilithium) accelerator component of the Caliptra 2.0 Root of Trust unit. Caliptra is an open-source Root-of-Trust project jointly developed by AMD, Google, Microsoft, NVIDIA, and other partners. This is a "preview" of parts of my hardware.io 2025 talk (at the end of May), "Why 'Adams Bridge' Leaks: Attacking a PQC Root-of-Trust."

  • Sujoy Sinha Roy, Associate Professor, TU Graz — Hardware Challenges in PQC [Slides]

    Abstract

    I will give an overview of the challenges hardware designers typically face while implementing PQC algorithms. I will briefly touch on reproducibility/portability issues for PQC hardware designs.

  • Panasayya Yalla, Principal Security Analyst, Riscure Security Solutions / Keysight Technologies — TVLA on NTT transformations [Slides]

    Abstract

    I will provide a high-level overview of our efforts in generating test vectors to assess side-channel leakage in NTT transformations, with a particular focus on butterfly NTT transformations within the ML-DSA PQC algorithm.

Working Group Meetings

  • April 10, 2025, 3PM GMT (11AM EDT) - Working Group Meeting 1
  • April 24, 2025, 3PM GMT (11AM EDT) - Working Group Meeting 2
  • May 8, 2025, 3PM GMT (11AM EDT) - Working Group Meeting 3
