Single Trace Analysis of Visible vs. Invisible Leakage for Comparison Operation Based CDT Sampling


Abstract

The emergence of quantum computers poses a significant threat to the security of conventional public-key cryptosystems, driving the demand for quantum-resistant cryptographic solutions. In response, NIST conducted a multi-year competition, ultimately selecting four ciphers. Among these, Falcon employs CDT sampling, which produces arrays of random values derived from a discrete Gaussian distribution during the signature generation phase. This array is then used with secret key information, forming the core of Falcon. Enhanced variants of Falcon, such as Mitaka, SOLMAE, and Antrag, implemented CDT sampling using comparison operations. Previous research by Choi et al. proposed a single trace analysis and countermeasure for CDT sampling, which exploited a non-constant-time vulnerability in 8-bit AVR microcontrollers. However, this vulnerability is specific to certain environments, and a potential vulnerability in comparison operation based constant-time CDT sampling remains unstudied. This paper is an extension of that study. This paper investigates the constant-time operation of comparison operation-based CDT sampling on Arm Cortex-M4-based chips and proposes a deep learning-based side-channel analysis to recover the sampling values using a novel vulnerability. The proposed model achieves an F1 score of 1.0 and a recovery success rate of 99.97%.
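To make the distinction the abstract draws concrete, the following added example (not code from the paper or from Falcon/Mitaka/SOLMAE/Antrag) shows a comparison-based CDT sampler in two forms: the naive early-exit loop, whose iteration count leaks the sampled value, and the constant-time form that walks the whole table and accumulates each comparison branchlessly. The table is a constructed 8-entry toy half-Gaussian CDT, not Falcon's real table; the sign-handling helper is likewise illustrative.

```c
#include <stdint.h>
#include <stddef.h>

/* Constructed toy CDT: cumulative probabilities of |z| = 0..7 for a
 * half-Gaussian, scaled to 16 bits. Illustrative values only. */
#define CDT_LEN 8
static const uint16_t CDT[CDT_LEN] = {
    20480, 40960, 52000, 58000, 62000, 64000, 65000, 65535
};

/* Naive comparison-based sampler: returns at the first entry exceeding r.
 * The number of loop iterations equals the sampled value, so timing
 * (and the per-iteration power profile) reveals z directly. */
int cdt_sample_naive(uint16_t r) {
    for (int i = 0; i < CDT_LEN; i++) {
        if (r < CDT[i]) return i;
    }
    return CDT_LEN; /* r >= every entry: tail value */
}

/* Constant-time comparison-based sampler: always runs CDT_LEN iterations
 * and sums the comparison results without a data-dependent branch.
 * z = number of entries with CDT[i] <= r, identical to the naive result. */
int cdt_sample_ct(uint16_t r) {
    uint32_t z = 0;
    for (int i = 0; i < CDT_LEN; i++) {
        /* (CDT[i] - r - 1) wraps past 2^31 exactly when CDT[i] <= r */
        uint32_t d = (uint32_t)CDT[i] - (uint32_t)r - 1u;
        z += d >> 31;
    }
    return (int)z;
}

/* Apply a sign bit without branching: sign=1 yields -z, sign=0 yields z. */
int32_t cdt_sample_signed(uint16_t r, uint32_t sign) {
    uint32_t z = (uint32_t)cdt_sample_ct(r);
    uint32_t s = sign & 1u;
    uint32_t m = 0u - s;              /* all-ones mask when s == 1 */
    return (int32_t)((z ^ m) + s);    /* two's-complement negate under mask */
}

/* Self-check: both samplers agree on every possible 16-bit input. */
int cdt_samplers_agree(void) {
    for (uint32_t r = 0; r < 65536u; r++) {
        if (cdt_sample_naive((uint16_t)r) != cdt_sample_ct((uint16_t)r))
            return 0;
    }
    return 1;
}
```

Constant iteration count removes the visible, control-flow-driven leak; whether the per-comparison data values still leak through power or EM is exactly the question the paper takes up, so a compiler audit of the emitted loop (no branch on d) is necessary but not sufficient.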
