Title: HOPE-MLKEM A Framework for designing High-Order Side-Channel Protected Hardware Implementations of ML-KEM
Authors: Eros Camacho-Ruiz, Pablo Navarro-Torrero, and Alejandro Cabrera Aldaya
Venue: IACR Transactions on Cryptographic Hardware and Embedded Systems, Volume 2026, Issue 2.
Abstract: ML-KEM (formerly Kyber) has recently been adopted as FIPS 203 in the NIST Post-Quantum Cryptography standardization process. While existing hardware implementations primarily optimize for performance, they often lack protections against side-channel attacks. We introduce HOPE-MLKEM, a framework that includes the first configurable, open, and full-hardware implementation of ML-KEM with integrated high-order protection against timing and power side-channel attacks. Our modular architecture supports all security levels and operations, incorporating optimized building blocks for polynomial arithmetic, modular multiplication, and programmable control logic. At the same time, this methodology enables the seamless integration of masking countermeasures up to high orders. We evaluated HOPE-MLKEM on FPGA and ASIC platforms, achieving competitive results compared to state-of-the-art unprotected designs while providing resistance against high-order side-channel attacks. Beyond its technical contributions, HOPE-MLKEM is released as an open-source framework to foster community-driven exploration of design choices, leakage evaluation, and hardware optimizations.