In this work, we present a systematic study of Side-Channel Attacks (SCA) and Fault Injection Attacks (FIA)
on structured lattice-based schemes, with main focus on Kyber Key Encapsulation Mechanism (KEM) and
Dilithium signature scheme, which are leading candidates in the NIST standardization process for PostQuantum Cryptography (PQC). Through our study, we attempt to understand the underlying similarities
and differences between the existing attacks while classifying them into different categories. Given the wide
variety of reported attacks, simultaneous protection against all the attacks requires to implement customized
protections/countermeasures for both Kyber and Dilithium. We therefore present a range of customized countermeasures, capable of providing defenses/mitigations against existing SCA/FIA, and incorporate several
SCA and FIA countermeasures within a single design of Kyber and Dilithium. Among the several countermeasures discussed in this work, we present novel countermeasures that offer simultaneous protection
against several SCA- and FIA-based chosen-ciphertext attacks for Kyber KEM. We implement the presented
countermeasures within two well-known public software libraries for PQC: (1) pqm4 library for the ARM
Cortex-M4-based microcontroller and (2) liboqs library for the Raspberry Pi 3 Model B Plus based on the
ARM Cortex-A53 processor. Our performance evaluation reveals that the presented custom countermeasures
incur reasonable performance overheads on both the evaluated embedded platforms. We therefore believe
our work argues for usage of custom countermeasures within real-world implementations of lattice-based
schemes, either in a standalone manner or as reinforcements to generic countermeasures such as masking.
