Hardware Side-Channel Challenges in Post-Quantum Cryptography: Lessons from the Open Source PQC (Q13a)
As organizations move toward quantum-resistant security architectures under the FIPS 203-205 standards and the CNSA 2.0 mandate, implementing post-quantum cryptography (PQC) on hardware platforms introduces new challenges for assurance, performance, and side-channel resilience. This talk surveys the hardware security landscape for PQC, covering the design, verification, and side-channel evaluation of the NIST-standardized algorithms ML-KEM (Kyber) and ML-DSA (Dilithium). The speakers present an in-depth case study based on recent work analyzing side-channel vulnerabilities in the open-source Caliptra root of trust, showing the leakage patterns observed during PQC signature operations and the Differential Power Analysis (DPA) exploit paths they could open. The session also discusses countermeasure strategies, including algorithmic masking, pre-silicon leakage assessment, and post-silicon Test Vector Leakage Assessment (TVLA), and shows how hardware/software co-design can reduce the attack surface. Attendees will gain insight into emerging hardware assurance methodologies, including TVLA, fault-detection integration, and AI-assisted leakage localization, as well as best practices for implementing quantum-safe cryptography with measurable side-channel protection suitable for both defense and commercial silicon.
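As an added illustration of the post-silicon TVLA methodology the abstract names (this is not code from the talk, from Caliptra, or from any of the speakers' tooling), the following Python models a fixed-vs-random Welch's t-test over simulated power traces. The leakage model is an assumption: each trace has three samples, the middle one leaking the Hamming weight of a byte-wide secret-dependent intermediate plus Gaussian noise, which is a deliberate simplification of what a real ML-DSA signing trace looks like. The masked variant applies first-order Boolean masking with a fresh mask per trace, so the per-sample mean no longer depends on the secret and the first-order test passes, while the unmasked variant is flagged at the expected sample.

```python
"""
Fixed-vs-random TVLA (Welch's t-test) on constructed, simulated traces.
Added example for illustration; not code from the talk or from Caliptra.
"""
import math
import random

TVLA_THRESHOLD = 4.5  # conventional |t| bound above which leakage is declared


def hamming_weight(v: int) -> int:
    return bin(v).count("1")


def welch_t(a, b):
    """Welch's t-statistic for two samples with unequal variances."""
    na, nb = len(a), len(b)
    ma, mb = sum(a) / na, sum(b) / nb
    va = sum((x - ma) ** 2 for x in a) / (na - 1)
    vb = sum((x - mb) ** 2 for x in b) / (nb - 1)
    return (ma - mb) / math.sqrt(va / na + vb / nb)


def simulate_trace(secret, x, rng, sigma, masked):
    """Hypothetical 3-sample trace: idle, secret-dependent op, idle.

    Leakage model (assumed): the op sample leaks the Hamming weight of the
    intermediate secret ^ x plus Gaussian noise. With first-order Boolean
    masking the device instead handles two shares, (secret ^ m) ^ x and m,
    each of which leaks its own Hamming weight.
    """
    if masked:
        m = rng.randrange(256)                       # fresh mask per execution
        op = hamming_weight((secret ^ m) ^ x) + hamming_weight(m)
    else:
        op = hamming_weight(secret ^ x)
    return [rng.gauss(0, sigma), op + rng.gauss(0, sigma), rng.gauss(0, sigma)]


def tvla_fixed_vs_random(secret, fixed_input, n, masked, seed=1, sigma=1.0):
    """Collect n fixed-input and n random-input traces, return per-sample t."""
    rng = random.Random(seed)
    fixed = [simulate_trace(secret, fixed_input, rng, sigma, masked) for _ in range(n)]
    rand = [simulate_trace(secret, rng.randrange(256), rng, sigma, masked) for _ in range(n)]
    n_samples = len(fixed[0])
    return [
        welch_t([tr[i] for tr in fixed], [tr[i] for tr in rand])
        for i in range(n_samples)
    ]


def leaking_samples(t_values, threshold=TVLA_THRESHOLD):
    """Indices of samples whose |t| exceeds the threshold (leakage localization)."""
    return [i for i, t in enumerate(t_values) if abs(t) > threshold]


if __name__ == "__main__":
    # Constructed parameters: secret byte 0xA7 has Hamming weight 5, so with
    # fixed input 0x00 the unmasked intermediate's mean (5) differs from the
    # random class mean (4), which the first-order test must detect.
    for masked in (False, True):
        t_vals = tvla_fixed_vs_random(0xA7, 0x00, n=2000, masked=masked)
        print("masked" if masked else "unmasked",
              [round(t, 2) for t in t_vals],
              "leaking samples:", leaking_samples(t_vals))
```

Two caveats a practitioner would apply in practice: fixed-vs-random with a fixed plaintext also flags samples that depend only on the input (pick the fixed value, or a fixed-key variant, accordingly), and a passing first-order test says nothing about second-order leakage, which this masked model still exhibits in the variance of the op sample.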
