Quantum-Safe Public Key Infrastructure (PKI): Evaluating Cache Side-Channel Threats Against CRYSTALS-Kyber

Authors

Stephanie Shinn, Metropolitan State University

Department

Computer Science and Cybersecurity

Document Type

Poster

Abstract

For decades, traditional Public Key Infrastructure has relied on Rivest-Shamir-Adleman (RSA) and Elliptic curve cryptography (ECC) to secure digital communications, including medical records, banking transactions, government communications, and critical infrastructure. As soon as 2030, quantum computers, along with Shor’s algorithm, could break RSA and ECC cryptographic schemes, endangering global cybersecurity. As a countermeasure, the National Security Agency has included CRYSTALS-Kyber, a quantum-safe key encapsulation mechanism, in the Commercial National Algorithm Suite (CNSA) 2.0. However, CRYSTALS-Kyber is vulnerable to cache side-channel attacks (SCAs) that can obtain the secret key and decrypt sensitive data. This research investigates the feasibility of cache SCAs against CRYSTALS-Kyber in a virtualized Windows cloud environment. It also explores the use of artificial intelligence to analyze cache access patterns and infer secret keys. This study will assess real-world risks of cache SCAs within cloud-based environments and propose mitigation strategies to strengthen CRYSTALS-Kyber.

Publication Date

Spring 4-15-2025

Comments

Spring 2025: Student Research Conference

Recommended Citation

Shinn, Stephanie, "Quantum-Safe Public Key Infrastructure (PKI): Evaluating Cache Side-Channel Threats Against CRYSTALS-Kyber" (2025). Student Scholarship. 7.
https://metroworks.metrostate.edu/student-scholarship/7

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.