If you purchase via links on our site, we may receive affiliate commissions.

Flaw spotted in the US government’s quantum-safe encryption algorithm

Updated on: 07 March 2023

Vilius Petkauskas
Senior Journalist

Quantum encryption — Image by Shutterstock.

CRYSTALS-Kyber, a cryptographic algorithm the US chose to quantum-proof its systems, might harbor a previously unknown vulnerability, researchers claim.

Researchers from Sweden’s KTH Royal Institute of Technology claim they devised a way to decrypt information hidden using CRYSTALS-Kyber via a side-channel attack.

To perform such an attack, threat actors take advantage of information gathered from the physical environment of a system to gain access to sensitive data.

Examples of these physical clues include power consumption, electromagnetic leaks, sounds, or timing data. In essence, the attackers look for physical residue by using a cryptographic algorithm.

“Such a method allows us to train neural networks that can recover a message bit with the probability above 99% from high-order masked implementations,” researchers claim.

If the research paper passed peer review, that might spell bad news for Washington. Last July, the National Institute of Standards and Technology (NIST) selected CRYSTALS-Kyber for standardization as a public-key encryption mechanism.

Researchers employed neural networks to penetrate the algorithm’s defenses. Specifically, they employed recursive learning to train the network to recognize specific data masking patterns CRYSTALS-Kyber uses.