CRYSTALS-Kyber has been selected by the NIST as a public-key
encryption and key encapsulation mechanism to be standardized. It
is also included in the NSA's suite of cryptographic algorithms
recommended for national security systems. This makes it important
to evaluate the resistance of CRYSTALS-Kyber’s implementations to
side-channel attacks. The unprotected and first-order masked
software implementations have been already analysed. In this paper,
they present deep learning-based message recovery attacks on the
ω-order masked implementations of CRYSTALS-Kyber in ARM Cortex-M4
CPU for ω ≤ 5. The main contribution is a new neural network
training method called recursive learning. In the attack on an
ω-order masked implementation, they start training from an
artificially constructed neural network M ω whose weights are
partly copied from a model M ω−1 trained on the (ω − 1)-order
masked implementation, and then extended to one more share. Such a
method allows them to train neural networks that can recover a
message bit with the probability above 99% from high-order masked
implementations.
Read more https://packetstormsecurity.com/files/171138/2022-1713.pdf