Paper 2025/1966
DPA-Style Attacks on HQC
Abstract
HQC (Hamming Quasi-Cyclic) was selected as the fifth algorithm in the NIST suite of post-quantum cryptographic (PQC) standards. As the only code-based algorithm currently standardized by NIST, HQC offers a good balance between security assurance, performance, and implementation simplicity. Most existing power analyses against HQC are of the SPA style: they can recover secrets with a small number of traces, but can only tolerate limited noise. In this paper, we develop a chosen-ciphertext DPA-style attack methodology against HQC. We formalize a dedicated chosen-ciphertext setting in which the adversary selects $(\mathbf{u},\mathbf{v})$ to target the intermediate value $\mathbf{v}\oplus(\mathbf{u}\mathbf{y})$ over $\mathbb{F}_2[x]/(x^n-1)$. We further optimize the attack by reducing its computational complexity and generalizing it to target masked HQC implementations. The proposed approach is validated through both simulation and practical experiments. In noiseless simulations, full-key recovery is achieved with just \(10\) traces, and the required number of traces increases linearly with 1/SNR. In practical evaluations on an STM32F4 microcontroller, the secret key can be recovered with \(50\) traces without profiling and \(20\) traces with profiling. When first-order masking is applied, key recovery on the same hardware target remains feasible by exploiting second-order features, requiring approximately \(3{,}000\) traces without profiling. Our results establish a direct and analyzable connection between leakage on \(\mathbf{v}\oplus (\mathbf{u}\mathbf{y})\) and end-to-end key recovery, emphasizing the necessity of higher-order masking countermeasures for HQC implementations.
Metadata
- Available format(s)
- PDF
- Category
- Implementation
- Publication info
- Published by the IACR in TCHES 2026
- Keywords
- Side-channel attacks, Differential power analysis, HQC, Tap-based Toeplitz windowed projections, Masking countermeasures
- Contact author(s)
- sh1kaku @ sjtu edu cn
- wjwang @ sdu edu cn
- zhouxiaogang @ chinatelecom cn
- yuyu @ yuyu hk
- History
- 2026-01-12: revised
- 2025-10-20: received
- Short URL
- https://ia.cr/2025/1966
- License
- CC BY
BibTeX
@misc{cryptoeprint:2025/1966,
author = {Zhuo Huang and Weijia Wang and Xiaogang Zhou and Yu Yu},
title = {{DPA}-Style Attacks on {HQC}},
howpublished = {Cryptology {ePrint} Archive, Paper 2025/1966},
year = {2025},
url = {https://eprint.iacr.org/2025/1966}
}