Machine Learning-Driven Hardware Security: Mitigating Side-Channel and Fault Attacks in Post-Quantum Cryptography

The rapid development of quantum computing poses a fundamental threat to classical public-key cryptographic algorithms (RSA, ECC, and EdDSA), which rely on number-theoretic assumptions that quantum algorithms can break. Consequently, Post-Quantum Cryptography (PQC) has become both a field of research and a topic of concern, addressing the need for cryptographic primitives that remain robust against quantum adversaries. Following the NIST Post-Quantum Cryptography standardisation process, lattice-based and hash-based schemes such as CRYSTALS-Kyber, CRYSTALS-Dilithium, Falcon, and SPHINCS+ have been identified as promising candidates for future secure communication systems. Even though these algorithms offer good theoretical security against quantum attacks, their physical implementations expose new and significant attack surfaces, in particular side-channel attacks (SCAs) and fault injection attacks (FIAs).

PQC cannot be adopted without hardware support on resource-constrained, performance-sensitive systems, including embedded systems, IoT devices, automotive electronics, and secure processors. Unlike classical cryptography, PQC algorithms involve complex arithmetic, large polynomials, and memory-intensive operations, which can increase information leakage through power consumption, electromagnetic radiation, and timing behaviour. In addition, fault attacks, including clock glitches and voltage manipulation, can exploit algorithmic redundancy and implementation vulnerabilities to reconstruct secret keys or forge signatures. Therefore, hardware designs that are secure by design and, at the same time, provide side-channel and fault resilience across a variety of PQC algorithms remain an outstanding and urgent problem.

The current literature has made meaningful contributions to isolated aspects of PQC hardware security. However, current implementations either do not scale, lack algorithmic generality, or fail to provide a holistic security solution. Nguyen (2025) proposed a hardware implementation of lattice-based cryptographic primitives whose power-analysis countermeasures are specific to Kyber. Power analysis showed the design to have lower leakage. However, the protection was highly tailored to Kyber's arithmetic, so the design is not readily interoperable with other NIST PQC schemes such as Dilithium or Falcon.

Jung (2025) explored the weaknesses of lattice-based signature schemes to fault injection, targeting Dilithium. The researchers found that faults in the polynomial multiplication and in the rejection sampling could lead to secret-dependent failures. Although Jung suggested algorithm-level consistency checks, the proposed countermeasures operate at the control-flow level, incur significant performance costs, and fail to withstand more advanced fault models. Moreover, resistance to side-channel attacks was only a minor concern, which indicates how fragmented the existing protection measures are.

Lohmiller (2025) described the hardware acceleration of Falcon signatures, with an architecture specifically designed to run fast number-theoretic transforms (NTTs). Although the architecture was highly performant, security testing focused primarily on functional correctness and long-term performance. Known sources of leakage, including side channels arising from floating-point approximations and Gaussian sampling, were not fully addressed. The disconnect between maximising performance and providing general security guarantees is frequently evident because there is no uniform set of countermeasures and error-detection mechanisms.

Wang (2025) proposed a secure hardware design for the hash-based signature scheme SPHINCS+ with masking methods to counter power-analysis attacks. The design was effective against first-order leakage but could not be applied at scale because it required extensive randomness and area. The architecture was not designed to be shared with lattice-based schemes; hence, a cross-algorithm security platform is required to secure various PQC primitives in a single piece of hardware.

He (2025) proposed a programmable PQC hardware platform capable of running multiple NIST candidates, emphasising reconfigurability and a modular architecture. Although this work can be regarded as a step towards algorithmic unification, it relied on generic security measures such as clock randomisation and simple redundancy. The absence of algorithm-aware side-channel controls and robust fault detection significantly compromises its robustness against sophisticated attackers capable of conducting multimodal attacks.

Taken together, these recent studies show that existing research on PQC hardware remains disjointed, and most solutions focus on specific algorithms or separate attack models. Clearly, there is no standardised, scalable hardware security design that provides consistent protection against side-channel and fault attacks across multiple NIST-approved PQC designs. Also, a significant portion of existing designs focuses on either performance or security alone, without developing a balanced co-design appropriate for real-world deployment and evaluation against standards, including those required by IEEE Access publications.

These constraints and suggestions motivated this paper to propose a single, scalable hardware-security solution that can concurrently implement Kyber, Dilithium, Falcon, and SPHINCS+ while defending against side-channel and fault attacks. In contrast to the existing literature, the architecture is built on shared arithmetic units, common control logic, and algorithm-aware protection logic, allowing it to scale to a variety of PQC primitives without the hardware cost of separate per-algorithm implementations. It does so using constant-time execution, masking, noisy computation, and randomised execution.

LITERATURE REVIEW

The move to post-quantum cryptography (PQC) has increased research into secure hardware implementations that resist both classical cryptanalytic attacks and physical adversaries (e.g., side-channel attacks (SCAs) and fault injection attacks (FIAs)). The NIST-standardised algorithms (Kyber, Dilithium, Falcon, and SPHINCS+) are considered mathematically secure against quantum adversaries; however, when implemented on embedded and constrained hardware platforms, they introduce new implementation vulnerabilities that the literature has not fully addressed. Recent research has emphasised isolated optimisations, algorithm-specific protection, or software-centric protection, leaving a significant gap in PQC for a unified, scalable, and hardware-centric security architecture.

The paper by His (2025) delved into fault-tolerant lattice-based cryptographic accelerators, focusing primarily on Kyber key encapsulation mechanisms. It proposed selective redundancy and consistency checking within the polynomial arithmetic units to detect transient errors during number-theoretic transform (NTT) computations. Despite demonstrating fault tolerance at moderate overhead, the design was closely tied to Kyber-specific arithmetic and was not based on side-channel leakage models. It also does not generalise across algorithms and as such cannot readily be applied to other PQC schemes such as Dilithium or Falcon.

Bao (2025) introduced a side-channel-aware hardware implementation of Dilithium signature generation, focusing on masking techniques for the sampling and modular reduction steps. First-order masking and secret-dependent branch randomisation were used to prevent differential power analysis. Although the achievable leakage reduction was analysed using Test Vector Leakage Assessment (TVLA), the architecture incurred significant area and latency trade-offs. In addition, the countermeasures were designed manually to fit Dilithium, and it was hard to adapt them to hash-based designs such as SPHINCS+ or floating-point-intensive designs such as Falcon.

Rossi (2025) studied Falcon signature hardware acceleration with respect to efficient Gaussian sampling and fast Fourier sampling units. The architecture struck a compromise between performance and numerical precision, which is one of the main implementation issues with Falcon. Nevertheless, the research placed much emphasis on throughput and correctness and provided little safeguard against power analysis and fault injection. The lack of systematic SCA analysis and runtime monitoring points to a severe security vulnerability, especially against adversarial hardware.

The lightweight hardware architecture for SPHINCS+ offered by Muller (2025) focuses on reducing memory and optimising the hash pipeline to support IoT-class devices. The work was feasible given limited resources, but it assumed a benign execution environment. Resistance was limited to constant-time implementation assumptions, and no side-channel, fault, or leakage validation was performed. Since the SPHINCS+ implementation relies on repeated hash computations, the lack of physical attack-detection controls undermines its practicality as a security posture.

M. Albrecht (2025), on lattice-based cryptography implementation, provides an in-depth analysis of lattice-based implementations under physical attack models, demonstrating emerging vulnerabilities through structured arithmetic and sampling mechanisms. Although the research provided practical theoretical knowledge and attack taxonomies, it did not present concrete hardware architectures or integrated defence solutions. Its contribution therefore remains primarily analytical rather than implementational.

Together, the recent research shows significant progress in optimising a system and addressing single security issues. Nonetheless, there are three critical limitations throughout the literature. First, most implementations are algorithm-specific, resulting in a disjoint set of security solutions that cannot scale across multiple PQC standards. Second, side-channel and fault attacks are often considered separately, although attackers in practice often use a combination of the two. Third, hardware-based security testing, especially using standardised leakage and fault testing protocols, remains inconsistent or nonexistent.

It is worth noting that, among the reviewed literature, no single security architecture has been proposed that can support Kyber, Dilithium, Falcon, and SPHINCS+ within a single scalable architecture. Current designs are either performance-optimised and lack strong physical security measures, or they add significant countermeasures that make them impractical. This fragmentation has become a major obstacle to real-world implementation, particularly in heterogeneous systems that need several PQC primitives.

The analysis shows a research gap in the engineering of modular, reusable, and scalable hardware-security systems that offer holistic protection against SCAs and FIAs across a variety of PQC algorithms. No architecture incorporates common protection logic, standard countermeasure modules, runtime monitoring, and customised security policies without undue overhead. Furthermore, cross-scheme evaluation under consistent attack models is not well addressed in the literature, making comparative security assessments difficult.

The paper addresses the specified gaps by presenting a single, scalable architecture for the NIST-standardised PQC algorithms Kyber, Dilithium, Falcon, and SPHINCS+. In contrast to previous designs, the suggested architecture separates cryptographic functionality from security enforcement by co-locating shared side-channel and fault-protection layers, such as unified masking logic, fault detection, and runtime integrity checking. The architecture focuses on modularity and, therefore, on algorithm-agnostic protection at high performance.

Moreover, the suggested framework enables a uniform security assessment of all the algorithms it supports, allowing fair comparison and implementation. This work represents a step forward in improving the state of the art by addressing side-channel and fault attacks within a single architectural paradigm and by providing a deployable solution that addresses the future needs of post-quantum secure hardware systems.

Figure 1: The flow chart presents a security architecture designed to protect NIST post-quantum cryptographic schemes, including Kyber, Dilithium, Falcon, and SPHINCS+. The system begins with PQC functional execution via a shared cryptographic core, followed by integrated side-channel and fault protection mechanisms, including masking, fault detection, and countermeasures. Secure memory protection and tamper-aware runtime monitoring further safeguard sensitive data and execution integrity. A machine-learning–based detection engine, using classifiers such as Decision Trees, Random Forests, and SVMs, analyses hardware anomalies in real time. Together, these layers ensure a robust, attack-resilient system capable of defending against advanced physical attacks in post-quantum cryptographic deployments.

MATHEMATICAL AND SYSTEM FOUNDATIONS FOR A UNIFIED HARDWARE-SECURE PQC ARCHITECTURE

The research methodology aims to address the shortcomings of current post-quantum cryptography (PQC) hardware security systems by proposing an integrated, scalable, and intelligent architecture that can withstand side-channel and fault injection attacks on Kyber, Dilithium, Falcon, and SPHINCS+. The proposed algorithm integrates hardware monitoring with machine learning-based.

Experimental assessment is based on a full dataset built from a series of publicly available repositories that model realistic side-channel leakage and fault-injection behaviour in PQC implementations. The data combines traces and fault events from chipwhisperer-datasets-master, DTDS, fault-injection-library-master, kyber-sca, and sphincsplus-master. The entire dataset is about 3.66 GB, including raw measurements, extracted statistical attributes, and attack labels for diverse cryptographic execution scenarios.

The data captures cryptographic executions in both benign and adversarial environments. Each sample corresponds to a single execution of Kyber, Dilithium, Falcon, or SPHINCS+ and contains measurements of power consumption, run time, and fault behaviour. Preprocessing yields a structured tabular dataset with tens of thousands of execution instances.

Code for flow chart (Mermaid):

```mermaid
flowchart LR
  A[Kyber KEM] --> E[Cryptographic Core]
  B[Dilithium Sign] --> E
  C[Falcon Sign] --> E
  D["SPHINCS+ Sign"] --> E
  E --> F["Unified Side-Channel & Fault Protection"]
  F --> G[Memory Protection]
  G --> H[Tamper Runtime Monitoring]
  H --> I[ML Anomaly Detection Engine]
  I --> J["Decision Tree / SVM / Isolation Forest"]
  J --> K[System Protected]
```

Experiments were conducted on a system with an Intel Core i7 (7th Generation) processor, 16 GB of RAM, a 512 GB SSD, and a 2 GB dedicated graphics card to process and analyse the dataset. Such a hardware setup ensures that acquisition, preprocessing, and model training can be performed reliably without computational bottlenecks. Even the more complex AI-based models, such as convolutional neural networks (CNNs), recurrent neural networks (RNNs), and hybrid anomaly detection models, run efficiently with the available computational resources; such models are needed to identify subtle side-channel leakage signatures and anomalies caused by injected faults in PQC implementations.

Conventional PQC hardware security relies on fixed countermeasures: masking, hiding, redundancy, and constant-time execution. These approaches are effective against some attack models but have inherent limitations that restrict their application in real-world scenarios. Countermeasures tend to be algorithm-specific and tightly bound to a particular arithmetic structure, making it challenging to scale to a wide range of PQC schemes. Static protections are based on fixed assumptions about attacker capabilities and cannot adapt to varying leakage characteristics or to combined side-channel and fault attacks. The resulting designs are large in terms of area, power, and latency overhead, and cannot be used in systems with resource constraints or heterogeneity.

To eliminate these deficiencies, this paper proposes a composite architecture that integrates cryptographic execution with intelligent monitoring and detection. The proposed solution separates cryptographic functionality from security enforcement by offering an interoperable protection layer that can be applied to all implemented PQC schemes. It contains a configurable PQC execution core, a monitoring subsystem that tracks side-channel and fault indicators, a feature-aggregation unit, and a machine learning detection engine. This separation enables modular, scalable, and secure features to be developed without modifying the cryptographic implementations.

The monitoring subsystem continuously checks the execution's properties: instantaneous power changes, execution latency, and control-flow integrity. From these observations, a feature vector is generated for each cryptographic execution. The extracted feature vector can be represented as:

where all elements are normalised statistical or temporal values of the monitored signals. The machine learning models that detect attacks take these feature vectors as input.

Various machine learning models are used to trade off detection accuracy, interpretability, and computational efficiency. Decision Tree models represent rule-based patterns for fault injection and abrupt leakage variations. Decision Trees also support low-latency inference by recursively partitioning the feature space on information gain, which makes hardware-assisted deployment feasible. The entropy-based split criterion is given as:

where the term in the sum is the probability of a class at the node.
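The following Python example is added here and is not part of the paper's design or code. It shows how a feature vector of the kind described above is built from the monitored signals (power samples, latency, and a control-flow-integrity flag) and how the entropy-based information-gain criterion drives a small decision tree that partitions that feature space. The monitoring records are constructed, not measurements from the paper's dataset, and the feature names and the min-max scaling are assumptions.

```python
import math
import statistics

# Constructed per-execution monitoring records (not real measurements): a few
# instantaneous power samples, execution latency in clock cycles, and a
# control-flow-integrity flag (1 = CFI check passed). label 1 = fault-injected.
EXECUTIONS = [
    {"power": [0.50, 0.51, 0.50, 0.49, 0.50], "latency": 1000, "cfi": 1, "label": 0},
    {"power": [0.52, 0.50, 0.51, 0.50, 0.52], "latency": 1002, "cfi": 1, "label": 0},
    {"power": [0.49, 0.50, 0.51, 0.50, 0.50], "latency": 998,  "cfi": 1, "label": 0},
    {"power": [0.51, 0.50, 0.50, 0.52, 0.51], "latency": 1001, "cfi": 1, "label": 0},
    {"power": [0.50, 0.93, 0.51, 0.50, 0.52], "latency": 1000, "cfi": 1, "label": 1},  # voltage spike
    {"power": [0.49, 0.50, 0.90, 0.51, 0.50], "latency": 1003, "cfi": 1, "label": 1},  # voltage spike
    {"power": [0.51, 0.88, 0.89, 0.50, 0.50], "latency": 999,  "cfi": 1, "label": 1},  # voltage spike
    {"power": [0.50, 0.51, 0.50, 0.49, 0.51], "latency": 1180, "cfi": 0, "label": 1},  # clock glitch
]
FEATURE_NAMES = ["power_max", "power_std", "power_mean", "latency", "cfi_ok"]  # assumed feature set

def raw_features(rec):
    """Statistical and temporal features of one execution, in FEATURE_NAMES order."""
    p = rec["power"]
    return [max(p), statistics.pstdev(p), statistics.mean(p), float(rec["latency"]), float(rec["cfi"])]

class MinMaxScaler:
    """Per-feature min-max normalisation fitted on the training executions."""
    def fit(self, rows):
        cols = list(zip(*rows))
        self.lo = [min(c) for c in cols]
        self.hi = [max(c) for c in cols]
        return self
    def transform(self, row):
        return [(v - l) / (h - l) if h > l else 0.0 for v, l, h in zip(row, self.lo, self.hi)]

def entropy(labels):
    """Shannon entropy of a label multiset, in bits."""
    n = len(labels)
    if n == 0:
        return 0.0
    return -sum((labels.count(c) / n) * math.log2(labels.count(c) / n) for c in set(labels))

def information_gain(X, y, f, t):
    """Entropy reduction from splitting on feature f at threshold t."""
    left = [yi for xi, yi in zip(X, y) if xi[f] <= t]
    right = [yi for xi, yi in zip(X, y) if xi[f] > t]
    n = len(y)
    return entropy(y) - len(left) / n * entropy(left) - len(right) / n * entropy(right)

def best_split(X, y):
    """Return (gain, feature, threshold) maximising information gain; midpoints are tried."""
    best = (0.0, None, None)
    for f in range(len(X[0])):
        vals = sorted({x[f] for x in X})
        for a, b in zip(vals, vals[1:]):
            t = (a + b) / 2
            g = information_gain(X, y, f, t)
            if g > best[0] + 1e-12:
                best = (g, f, t)
    return best

def build_tree(X, y, depth=0, max_depth=3):
    """Recursively partition the feature space; leaves carry the majority label."""
    majority = max(set(y), key=y.count)
    gain, f, t = best_split(X, y)
    if entropy(y) == 0.0 or depth == max_depth or f is None:
        return {"leaf": majority}
    li = [i for i, x in enumerate(X) if x[f] <= t]
    ri = [i for i, x in enumerate(X) if x[f] > t]
    return {"feature": f, "threshold": t, "gain": gain,
            "left": build_tree([X[i] for i in li], [y[i] for i in li], depth + 1, max_depth),
            "right": build_tree([X[i] for i in ri], [y[i] for i in ri], depth + 1, max_depth)}

def predict(tree, x):
    while "leaf" not in tree:
        tree = tree["left"] if x[tree["feature"]] <= tree["threshold"] else tree["right"]
    return tree["leaf"]

def train(execs):
    """Fit the scaler and the tree on monitoring records; returns (scaler, tree)."""
    raw = [raw_features(r) for r in execs]
    scaler = MinMaxScaler().fit(raw)
    X = [scaler.transform(r) for r in raw]
    y = [r["label"] for r in execs]
    return scaler, build_tree(X, y)

def classify(scaler, tree, rec):
    """Normalise one new execution with the fitted scaler and run it through the tree."""
    return predict(tree, scaler.transform(raw_features(rec)))

if __name__ == "__main__":
    scaler, tree = train(EXECUTIONS)
    print("root split on", FEATURE_NAMES[tree["feature"]], "with gain %.4f" % tree["gain"])
    for rec in EXECUTIONS:
        print("label", rec["label"], "->", classify(scaler, tree, rec))
```

On these records the root splits on the power maximum (isolating the voltage spikes) and the remaining branch splits on latency (isolating the clock glitch); each node stores only a feature index and a threshold, which is what makes this kind of classifier cheap to evaluate next to the hardware.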

Unsupervised anomaly detection is performed using Isolation Forest models, especially to detect previously unseen attack behaviour. Isolation Forests isolate outlying feature vectors by randomly partitioning the samples, without the need for labelled data. This is essential for detecting new side-channel strategies.

The framework uses Logistic Regression as a lightweight probabilistic classifier, modelling the probability of an attack as a linear function of the features. The decision function is:

where the parameters are learned from the training data. Logistic regression is effective due to its low computational cost and is used for comparison and benchmarking.

Support Vector Machines are used to capture nonlinear relationships among features by constructing a maximum-margin hyperplane in a kernel-transformed feature space. The optimisation problem is stated as:

Kernelised SVMs are highly effective for detecting intricate side-channel leakage patterns across various PQC schemes.

A sparse neural network is used to capture higher-order interactions among features that linear or traditional models might miss. The network consists of an input layer, a hidden layer with a nonlinear activation, and an output layer that generates attack probabilities. Forward propagation can be represented as:

where the hidden-layer activation function is nonlinear. Although the neural network is quite simple, it has a high detection rate and is inference-capable with hardware assistance.

The proposed architecture is tested under various attack conditions, including differential power analysis, simple power analysis, voltage glitching, and clock-based fault injection, all evaluated using the experimental design. The data is split into training, validation, and test subsets to avoid bias in evaluation. Accuracy, precision, recall, F1-score, and false positive rate are used to assess performance, and experiments on Kyber, Dilithium, Falcon, and SPHINCS+ are performed independently to demonstrate that cross-scheme generalisation holds across all four schemes.

As shown in Figure 2, the design integrates the PQC execution cores with the monitoring and detection layers. The figure shows a standard security infrastructure that is independent of the underlying cryptographic algorithm and can be scaled and reused effectively. The modular structure enables additional PQC schemes or detection models to be added with minimal architectural changes.

Figure 2: The image presents a unified hardware architecture highlighting protected arithmetic operations and countermeasures against side-channel and fault attacks for NIST post-quantum cryptography schemes Kyber, Dilithium, Falcon, and SPHINCS+.

The image illustrates a security architecture designed to protect NIST post-quantum cryptographic schemes, including Kyber, Dilithium, Falcon, and SPHINCS+. It organises core arithmetic operations hierarchically, from low-level modular addition, subtraction, multiplication, and reduction to higher-level point addition and scalar multiplication. Various optimised algorithms and coordinate systems, such as Karatsuba, signed comb, k-ary methods, and extended twisted Edwards coordinates, are shown as supporting components. The architecture integrates countermeasures such as masked arithmetic, fault detection and injection resistance, and redundancy-based randomisation.

Overall, the diagram emphasises a secure, reusable hardware foundation resilient to side-channel and fault attacks across multiple post-quantum schemes.

Table 1: Square-and-multiply exponentiation sequence illustrating intermediate squaring, conditional multiplication, and binary exponent progression, as typically used in modular exponentiation for cryptographic implementations.

| Step | Square (n times) | Multiply by | Value | Exponent (binary) |
|---|---|---|---|---|
| 0 | 0 | - | x | 1 |
| 1 | 1 | - | x^2 | 10 |
| 2 | 2 | x | x^9 | 1001 |
| 3 | 0 | x^2 | x^11 | 1011 |
| 4 | 1 | x^9 | x^(2^5 - 1) | 11111 (five 1s) |
| 5 | 5 | x^(2^5 - 1) | x^(2^10 - 1) | 1...1 (ten 1s) |
| 6 | 10 | x^(2^10 - 1) | x^(2^20 - 1) | 1...1 (twenty 1s) |
| 7 | 20 | x^(2^20 - 1) | x^(2^40 - 1) | 1...1 (forty 1s) |
| 8 | 10 | x^(2^40 - 1) | x^(2^50 - 1) | 1...1 (fifty 1s) |
| 9 | 50 | x^(2^50 - 1) | x^(2^100 - 1) | 1...1 (100 1s) |
| 10 | 100 | x^(2^100 - 1) | x^(2^200 - 1) | 1...1 (200 1s) |
| 11 | 50 | x^(2^200 - 1) | x^(2^250 - 1) | 1...1 (250 1s) |
| 12 | 5 | x^11 | x^(2^255 - 21) | (p - 2) in binary |
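As an added example (not the paper's code), the following Python reproduces the square-and-multiply chain of Table 1 for p = 2^255 - 19, whose p - 2 = 2^255 - 21 is the final exponent in the table. It tracks the exponent symbolically at every step, checks that each step lands on the Value column, counts the set bits of the exponent (the table's last column), and verifies that the result is the modular inverse of x. The multiplicand at each step is an earlier intermediate of the chain; which intermediate is used at each step is an assumption encoded in the CHAIN list, chosen so that the exponents of the Value column come out exactly.

```python
P = 2**255 - 19  # prime of Curve25519; the table's last exponent is p - 2

# Each entry is (number of squarings, index of the earlier intermediate to multiply by,
# or None). Index 0 is x itself, index k is the result of step k. Constructed to follow
# the Square / Value columns of Table 1 step by step.
CHAIN = [
    (1, None),   # step 1:  x^2
    (2, 0),      # step 2:  (x^2)^4 * x = x^9
    (0, 1),      # step 3:  x^9 * x^2 = x^11
    (1, 2),      # step 4:  x^22 * x^9 = x^31 = x^(2^5 - 1)
    (5, 4),      # step 5:  x^(2^10 - 1)
    (10, 5),     # step 6:  x^(2^20 - 1)
    (20, 6),     # step 7:  x^(2^40 - 1)
    (10, 5),     # step 8:  x^(2^50 - 1)   (multiply by x^(2^10 - 1))
    (50, 8),     # step 9:  x^(2^100 - 1)
    (100, 9),    # step 10: x^(2^200 - 1)
    (50, 8),     # step 11: x^(2^250 - 1)  (multiply by x^(2^50 - 1))
    (5, 3),      # step 12: x^(2^255 - 32) * x^11 = x^(2^255 - 21) = x^(p - 2)
]

# Exponents the Value column of Table 1 claims for each step.
TABLE_EXPONENTS = {1: 2, 2: 9, 3: 11, 4: 2**5 - 1, 5: 2**10 - 1, 6: 2**20 - 1,
                   7: 2**40 - 1, 8: 2**50 - 1, 9: 2**100 - 1, 10: 2**200 - 1,
                   11: 2**250 - 1, 12: P - 2}

def run_chain(x, p=P, chain=CHAIN):
    """Execute the chain on x mod p. Returns (result, trace) where trace holds
    (step, squarings, exponent reached, number of 1 bits in that exponent)."""
    vals, exps, trace = [x % p], [1], []
    for step, (squares, mul_idx) in enumerate(chain, start=1):
        v, e = vals[-1], exps[-1]
        for _ in range(squares):          # squaring doubles the exponent
            v = v * v % p
            e *= 2
        if mul_idx is not None:           # multiplying adds the operand's exponent
            v = v * vals[mul_idx] % p
            e += exps[mul_idx]
        vals.append(v)
        exps.append(e)
        trace.append((step, squares, e, bin(e).count("1")))
    return vals[-1], trace

def chain_matches_table(trace, expected=TABLE_EXPONENTS):
    """True when every step's exponent equals the one listed in Table 1."""
    return all(expected[step] == e for step, _, e, _ in trace)

def modular_inverse(x, p=P):
    """x^(p-2) mod p by the fixed chain (Fermat inversion)."""
    return run_chain(x, p)[0]

def chain_cost(chain=CHAIN):
    """(total squarings, total multiplications) performed by the chain."""
    return sum(s for s, _ in chain), sum(1 for _, m in chain if m is not None)

if __name__ == "__main__":
    inv, trace = run_chain(7)
    for step, squares, e, ones in trace:
        print(f"step {step:2d}: {squares:3d} squarings -> exponent with {ones} one-bits")
    print("inverse correct:", inv * 7 % P == 1, "table consistent:", chain_matches_table(trace))
    print("cost (squarings, multiplications):", chain_cost())
```

The sequence of operations does not depend on x, which is what makes a fixed addition chain suitable for the constant-time controller discussed later: 254 squarings and 11 multiplications are executed in the same order for every input, so execution time and operation count carry no information about the operand.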

This study is novel because it presents a combined, dynamic perspective on PQC hardware security. In contrast to previous studies that focused on individual algorithms or fixed countermeasures, the proposed approach presents a cross-scheme machine-learning-based defence architecture that addresses side-channel and fault attacks simultaneously. By integrating conventional hardware monitoring with data-driven intelligence, the framework offers strong protection with manageable overhead, making it suitable for next-generation post-quantum-secure systems. Resilience is further enhanced by combining diverse detection models, each with distinct strengths, to address different attack conditions and ensure a robust methodological framework.

Figure 3: PQC-Safe k-ary Window Analysis. PQC-safe performance and security trade-off analysis of k-ary window-based computation. The figure illustrates the impact of window size on total arithmetic operations, RAM usage under unmasked, masked, and fault-protected configurations, and the corresponding sensitivity of the ML-based anomaly detection engine. Results highlight an optimal operating region that balances performance, memory overhead, and security.

security architecture supporting Kyber, Dilithium, Falcon, and SPHINCS+. A centralised constant-time controller orchestrates shared cryptographic cores and secure memory resources. Integrated side-channel and fault-injection monitors feed an ML-based anomaly detection engine, enabling cross-algorithm protection against advanced physical attacks in post-quantum cryptographic hardware.

Table 2: Implementation results of 256 x 256 bit multiplier architectures.

| Levels | LUTs | FFs | DSPs | Latency (clock cycles) |
|---|---|---|---|---|
| 1 | 5913 | 1129 | 192 | 2 |
| 2 | 6026 | 2216 | 144 | 3 |
| 3 | 7749 | 3401 | 108 | 4 |
| 4 | 8282 | 4298 | 108 | 5 |

Table 3: Side-channel leakage analysis.

| Cycle Group | Operation Type | Leakage Risk | Mitigation |
|---|---|---|---|
| 1-4 | Add/Sub | Low | Balanced datapath |
| 5-10 | Multiplication | High | Masking + fixed timing |
| 11-14 | Recombination | Medium | Operand blinding |
| 15-18 | Validation | Low | Redundant computation |
| 19-22 | Final assembly | Low | Constant-time |

Figure 4:

Table 4: Formal threat model mapping to architectural countermeasures.

| Threat | Attack Surface | Mitigation |
|---|---|---|
| Power analysis | Arithmetic units | Masking, constant-time |
| EM leakage | Memory / buses | Randomised access |
| Timing attack | Controller | Fixed scheduling |
| Clock glitch | FFT / MUL | Redundant execution |
| Voltage fault | RAM / registers | ECC / parity |
| Control-flow fault | FSM / controller | CFI checks |
| Combined SCA + FIA | Entire datapath | ML detection |

Table 5: Unified PQC accelerator port interface.

| Port | Size | I/O | Description |
|---|---|---|---|
| Clk | | I | System clock |
| Rst | | I | Synchronous reset |
| Sel | [1:0] | I | Select Kyber / Dilithium / Falcon / SPHINCS+ |
| P | 4×255 | I | Public polynomial or matrix |
| Q | 4×255 | I | Modulus or public parameters |
| S1 | 255 | I | Secret polynomial/vector S1 |
| S2 | 255 | I | Secret polynomial/vector S2 |
| Rand | 511 | I | Randomness for masking and sampling |
| Message | 1023 | I | Message block |
| W | 4×255 | I | Intermediate polynomial results |
| R | 4×255 | I | Final results or signature component |
| Valid | | O | Valid output flag |
| error | | O | Fault detected flag |

Table 6: PQC accelerator operation and latency.

| Sel | Operation | Description | Clock Cycles |
|---|---|---|---|
| 1 | Polynomial ADD | R = P + Q mod q | 2 |
| 2 | Polynomial SUB | R = P - Q mod q | 2 |
| 3 | Polynomial MUL | NTT | 17 / 21 / 35 |
| 4 | Modular reduction | R = P mod q | 23 / 35 |
| 5 | Sampling | Discrete distribution sampling | 64 / 128 |
| 6 | FFT / iFFT | Frequency-domain transform | 512 / 1024 |
| 7 | Hash | SHA-256 / SHA-512 | 64 / 80 |
| 8 | Recombination | Recomposition | 8 |
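Tables 4 to 6 name redundant execution and ECC/parity as the mitigations for clock glitches and voltage faults on the polynomial operations and their storage, and Table 5 exposes the outcome as the error flag. The following Python example, added here and not the paper's accelerator code, models that behaviour in software: the polynomial ADD/SUB/MUL of Table 6 are implemented over Z_q[x]/(x^N + 1) with Kyber's public parameters q = 3329 and N = 256 (schoolbook multiplication stands in for the NTT path), each operation is executed twice and compared, and stored polynomials carry a parity bit that is rechecked on load. The fault that the model detects is a constructed perturbation of one execution's result, not a description of any attack.

```python
Q = 3329   # Kyber's modulus q (public parameter)
N = 256    # Kyber's polynomial degree (public parameter)

def poly_add(a, b, q=Q):
    return [(x + y) % q for x, y in zip(a, b)]

def poly_sub(a, b, q=Q):
    return [(x - y) % q for x, y in zip(a, b)]

def poly_mul(a, b, q=Q):
    """Schoolbook multiplication in Z_q[x]/(x^N + 1); x^N wraps to -1 (negacyclic)."""
    n = len(a)
    out = [0] * n
    for i, ai in enumerate(a):
        if ai == 0:
            continue
        for j, bj in enumerate(b):
            k = i + j
            if k < n:
                out[k] = (out[k] + ai * bj) % q
            else:
                out[k - n] = (out[k - n] - ai * bj) % q
    return out

def parity_word(poly):
    """One parity bit over all coefficient bits, kept beside the polynomial in RAM."""
    p = 0
    for c in poly:
        p ^= bin(c).count("1") & 1
    return p

def store(poly):
    """Write a polynomial to a (modelled) protected memory slot with its parity."""
    return {"coeffs": list(poly), "parity": parity_word(poly)}

def load(slot):
    """Read back; returns (poly, error) with error set when the parity no longer matches."""
    return slot["coeffs"], parity_word(slot["coeffs"]) != slot["parity"]

def redundant_exec(op, a, b, fault=None):
    """Table 4's 'redundant execution': run op twice and compare the results.
    `fault` optionally perturbs the first result to model a transient glitch that
    hit only one of the two executions. Returns (result or None, error flag)."""
    first = op(a, b)
    if fault is not None:
        first = fault(first)
    second = op(a, b)
    error = first != second
    return (None if error else second), error

def flip_coefficient(idx, mask=1):
    """Constructed fault model: XOR one coefficient with mask in a copy of the result."""
    def fault(poly):
        poly = list(poly)
        poly[idx] ^= mask
        return poly
    return fault

if __name__ == "__main__":
    # Constructed operands, not key material.
    a = [i % Q for i in range(N)]
    b = [(3 * i + 1) % Q for i in range(N)]
    _, err = redundant_exec(poly_mul, a, b)
    print("clean multiplication, error flag:", err)
    _, err = redundant_exec(poly_mul, a, b, fault=flip_coefficient(5))
    print("glitched multiplication, error flag:", err)
    slot = store(a)
    slot["coeffs"][7] ^= 4                    # single-bit upset in stored RAM
    print("parity error on load:", load(slot)[1])
```

Duplicate-and-compare doubles the latency of the protected operation (Table 6's cycle counts would roughly double for a protected run), and a single parity bit detects only odd numbers of flipped bits in a stored polynomial; those are the costs and limits the later sections' overhead figures have to account for.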

The proposed unified security architecture achieves PQC-native acceleration factors. Results are shown for Kyber, Dilithium, Falcon, and SPHINCS+ under baseline acceleration, side-channel-protected execution, fault-protected execution, and combined side-channel, fault, and ML-based anomaly detection.

Figure 5: A PQC-native acceleration factor figure

Signal-to-noise ratio (SNR) measured across clock cycles for Kyber, Dilithium, Falcon, and SPHINCS+ executions with the noise engine enabled. Horizontal dashed lines indicate the TVLA detection thresholds (±4.5). The overlaid ML detection sensitivity curve illustrates real-time anomaly monitoring during post-quantum cryptographic operations. All PQC schemes remain below TVLA thresholds, demonstrating effective side-channel leakage mitigation.

Figure 6: SNR traces are derived from cycle-accurate architectural models and normalised power leakage profiles under noise-enabled execution.
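The TVLA threshold referenced in Figure 6 comes from a fixed-versus-random Welch t-test evaluated at every sample point of the trace. The following Python example is added here (it is not the paper's evaluation code) to show that test on constructed traces: Gaussian noise with a small input-dependent offset at one sample point, first with low noise and then with the noise standard deviation raised to stand in for the noise engine being enabled. The trace count, the leaking index, the amplitude and the noise levels are all assumptions.

```python
import math
import random

TVLA_THRESHOLD = 4.5   # the |t| threshold drawn as dashed lines in Figure 6

def welch_t(a, b):
    """Welch's t statistic between two samples (lists of floats) of one trace point."""
    na, nb = len(a), len(b)
    ma, mb = sum(a) / na, sum(b) / nb
    va = sum((x - ma) ** 2 for x in a) / (na - 1)
    vb = sum((x - mb) ** 2 for x in b) / (nb - 1)
    return (ma - mb) / math.sqrt(va / na + vb / nb)

def tvla(fixed_traces, random_traces, threshold=TVLA_THRESHOLD):
    """Fixed-vs-random TVLA: one Welch t-test per sample point.
    Returns the t values and the indices whose |t| exceeds the threshold."""
    n_points = len(fixed_traces[0])
    ts = [welch_t([tr[i] for tr in fixed_traces], [tr[i] for tr in random_traces])
          for i in range(n_points)]
    return ts, [i for i, t in enumerate(ts) if abs(t) > threshold]

def synth_traces(n_traces, n_points, leak_index, leak_amplitude, noise_sigma, seed):
    """Constructed traces (not measurements): Gaussian noise of standard deviation
    noise_sigma, plus an input-dependent offset at leak_index for the fixed-input group.
    A larger noise_sigma stands in for the noise engine being enabled."""
    rng = random.Random(seed)
    fixed, rnd = [], []
    for _ in range(n_traces):
        f = [rng.gauss(0.0, noise_sigma) for _ in range(n_points)]
        r = [rng.gauss(0.0, noise_sigma) for _ in range(n_points)]
        f[leak_index] += leak_amplitude
        fixed.append(f)
        rnd.append(r)
    return fixed, rnd

def assess(leak_amplitude, noise_sigma, n_traces=400, seed=2024):
    """Run the assessment on constructed traces; returns (max |t|, leaking indices)."""
    fixed, rnd = synth_traces(n_traces, 40, 17, leak_amplitude, noise_sigma, seed)
    ts, leaking = tvla(fixed, rnd)
    return max(abs(t) for t in ts), leaking

if __name__ == "__main__":
    for label, sigma in (("noise engine off", 1.0), ("noise engine on", 16.0)):
        peak, leaking = assess(1.0, sigma)
        print(f"{label}: max |t| = {peak:.1f}, leaking points = {leaking}")
```

The t statistic grows with the square root of the number of traces, so a point that stays below 4.5 at 400 traces with the noise engine on is not guaranteed to stay below it at 40,000; a leakage claim such as the one in Figure 6 is only meaningful together with the trace count at which it was measured.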

Algorithm: SVM-Based Attack Detection for PQC Architectures

Input: Dataset D = {X, Y} containing side-channel and fault-injection features
Output: Trained SVM model M and performance metrics

1:  Initialise dataset D ← {X, Y}
2:  Normalise feature vectors in X                         ▷ O(n·d)
3:  Perform feature refinement (optional)                  ▷ O(n·d)
4:  Split D into training set D_train and test set D_test
5:  Select kernel function K (Linear / RBF / Polynomial)
6:  Initialise SVM hyperparameters C and γ
7:  Train SVM model M on D_train                           ▷ O(n³)
8:      Solve convex optimisation to maximise margin
9:  Generate predicted labels Y_pred for D_test            ▷ O(n·d)
10: Compute confusion matrix                               ▷ O(n)
11: Calculate Accuracy, Precision, Recall                  ▷ O(n)
12: Compute F1-score                                       ▷ O(n)
13: Generate ROC curve and compute AUC                     ▷ O(n log n)
14: Evaluate robustness against attack patterns
15: Validate detection consistency across PQC schemes
16: Store trained model M and evaluation results
17: Return M and performance metrics
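Steps 4 and 9 to 13 of the algorithm above are the parts an evaluator reimplements most often, and they are the parts where an off-by-one in the confusion matrix or a wrong ROC sweep silently inflates the reported numbers. The following Python example is added here (it is not the paper's code) and implements the hold-out split, thresholding of decision scores into labels, the confusion matrix, accuracy, precision, recall, F1-score, false positive rate, and the ROC curve with its AUC, all from the standard library. The decision scores and labels at the end are constructed, not model output from the paper's experiments.

```python
import random

def holdout_split(n, test_fraction=0.2, seed=0):
    """Step 4: deterministic shuffled hold-out split; returns (train_idx, test_idx)."""
    idx = list(range(n))
    random.Random(seed).shuffle(idx)
    n_test = max(1, int(round(n * test_fraction)))
    return idx[n_test:], idx[:n_test]

def predict_labels(scores, threshold=0.5):
    """Step 9: turn decision scores into labels (1 = attack) at a fixed threshold."""
    return [1 if s >= threshold else 0 for s in scores]

def confusion_matrix(y_true, y_pred):
    """Step 10: counts for the positive class (attack = 1)."""
    cm = {"TP": 0, "FP": 0, "TN": 0, "FN": 0}
    for t, p in zip(y_true, y_pred):
        if t == 1 and p == 1:
            cm["TP"] += 1
        elif t == 0 and p == 1:
            cm["FP"] += 1
        elif t == 0 and p == 0:
            cm["TN"] += 1
        else:
            cm["FN"] += 1
    return cm

def classification_metrics(cm):
    """Steps 11-12 plus the false positive rate; zero denominators yield 0.0."""
    tp, fp, tn, fn = cm["TP"], cm["FP"], cm["TN"], cm["FN"]
    n = tp + fp + tn + fn
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / (tp + fn) if tp + fn else 0.0
    f1 = 2 * precision * recall / (precision + recall) if precision + recall else 0.0
    fpr = fp / (fp + tn) if fp + tn else 0.0
    return {"accuracy": (tp + tn) / n, "precision": precision,
            "recall": recall, "f1": f1, "fpr": fpr}

def roc_curve(y_true, scores):
    """Step 13: sweep the threshold from high to low; returns (FPR, TPR) points."""
    order = sorted(range(len(scores)), key=lambda i: -scores[i])
    pos = sum(y_true)
    neg = len(y_true) - pos
    tp = fp = 0
    points = [(0.0, 0.0)]
    for i in order:
        if y_true[i] == 1:
            tp += 1
        else:
            fp += 1
        points.append((fp / neg, tp / pos))
    return points

def auc(points):
    """Area under the ROC curve by the trapezoid rule."""
    return sum((x1 - x0) * (y0 + y1) / 2 for (x0, y0), (x1, y1) in zip(points, points[1:]))

def evaluate(y_true, scores, threshold=0.5):
    """Everything the algorithm reports for one model on one test set."""
    cm = confusion_matrix(y_true, predict_labels(scores, threshold))
    out = classification_metrics(cm)
    out["confusion"] = cm
    out["auc"] = auc(roc_curve(y_true, scores))
    return out

# Constructed labels and decision scores for ten held-out executions (1 = attack).
Y_TRUE = [1, 1, 1, 1, 0, 0, 0, 0, 1, 0]
SCORES = [0.9, 0.8, 0.7, 0.55, 0.45, 0.3, 0.2, 0.1, 0.4, 0.6]

if __name__ == "__main__":
    train_idx, test_idx = holdout_split(len(Y_TRUE), test_fraction=0.3, seed=1)
    print("train/test sizes:", len(train_idx), len(test_idx))
    print(evaluate(Y_TRUE, SCORES))
```

Accuracy, precision, recall and F1 all depend on the chosen threshold, whereas AUC does not; reporting both, as the algorithm does, is what lets a reader tell a model that separates the classes well from one that merely has a convenient operating point.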

RESULTS AND EXPERIMENTS

This section provides a detailed analysis of the proposed unified hardware-security architecture against side-channel and fault attacks on the NIST-standardised post-quantum cryptographic algorithms Kyber, Dilithium, Falcon, and SPHINCS+. The experimental outcomes are compared across several machine learning models to examine detection accuracy, robustness, and generalisation when processing side-channel and fault-injection traces from real-world applications. The discussion focuses on performance comparisons, model explainability, and the scalability of the proposed architecture in real-world cryptographic hardware settings.

The tests were run on a combination of power traces, electromagnetic leakage properties, and fault-injection metadata, based on ChipWhisperer-based Kyber and SPHINCS+ side-channel measurements, DTDS fault traces, and controlled fault-injection libraries. The dataset is a combination of clean cryptographic executions and adversarial-perturbed executions to simulate an evaluation similar to real-world attacks. The leakage patterns for each post-quantum scheme differ due to different arithmetic structures, memory access behaviours, and execution flows; therefore, cross-scheme analysis is particularly challenging. This diversity underscores the need for a single detection architecture rather than scheme-specific defences.

The results of the comparative study indicate that traditional machine learning models and deep learning architectures respond differently to side-channel and fault-injection characteristics. Decision tree classifiers have good interpretability and fairly quick convergence, especially for detecting deterministic fault patterns injected into the Kyber polynomial multiplication. Their performance, however, decreases with high-dimensional, noisy leakage traces, particularly in SPHINCS+, where hash-based operations provide substantial randomness. Isolation Forest models have a strong ability to detect anomalies, especially those caused by rare fault injections that deviate from standard execution traces. However, they remain vulnerable to parameter adjustments and exhibit lower accuracy when benign perturbations are similar to malicious ones.

Table 1. Best-Performing Model (SVM) Across PQC Algorithms

| PQC Algorithm | Accuracy (%) | F1-Score (%) | Precision (%) | Recall (%) | AUC (%) |
|---|---|---|---|---|---|
| Kyber | 95.61 | 95.28 | 95.89 | 94.71 | 96.18 |
| Dilithium | 95.14 | 94.86 | 95.51 | 94.32 | 95.83 |
| Falcon | 94.68 | 94.41 | 94.97 | 93.92 | 95.26 |
| SPHINCS+ | 94.23 | 94.04 | 94.62 | 93.61 | 94.89 |

Table 2. Best-Performing Model (Decision Tree) Across PQC Algorithms

| PQC Algorithm | Accuracy (%) | F1-Score (%) | Precision (%) | Recall (%) | AUC (%) |
|---|---|---|---|---|---|
| Kyber | 92.80 | 92.20 | 93.00 | 92.00 | 93.10 |
| Dilithium | 92.50 | 91.90 | 92.80 | 91.70 | 92.60 |
| Falcon | 92.20 | 91.60 | 92.40 | 91.40 | 92.30 |
| SPHINCS+ | 92.00 | 91.50 | 92.20 | 91.30 | 92.10 |

Table 3. Best-Performing Model (Isolation Forest) Across PQC Algorithms

| PQC Algorithm | Accuracy (%) | F1-Score (%) | Precision (%) | Recall (%) | AUC (%) |
|---|---|---|---|---|---|
| Kyber | 89.10 | 88.70 | 89.30 | 88.50 | 89.00 |
| Dilithium | 88.70 | 88.20 | 88.90 | 88.00 | 88.60 |
| Falcon | 88.30 | 87.80 | 88.50 | 87.60 | 88.40 |
| SPHINCS+ | 87.90 | 87.40 | 88.10 | 87.20 | 88.00 |

Table 4. Best-Performing Model (Logistic Regression) Across PQC Algorithms

| PQC Algorithm | Accuracy (%) | F1-Score (%) | Precision (%) | Recall (%) | AUC (%) |
|---|---|---|---|---|---|
| Kyber | 91.00 | 90.50 | 91.20 | 90.30 | 91.10 |
| Dilithium | 90.70 | 90.20 | 90.90 | 90.00 | 90.80 |
| Falcon | 90.30 | 89.80 | 90.50 | 89.60 | 90.40 |
| SPHINCS+ | 90.00 | 89.50 | 90.20 | 89.30 | 90.10 |

Table 5. Best-Performing Model (Neural Network) Across PQC Algorithms

PQC Algorithm   Accuracy (%)   F1-Score (%)   Precision (%)   Recall (%)   AUC (%)
Kyber           92.00          91.50          92.30           91.20        92.10
Dilithium       91.70          91.20          92.00           91.00        91.80
Falcon          91.30          90.80          91.60           90.60        91.40
SPHINCS+        91.00          90.50          91.20           90.30        91.10

The Logistic Regression models achieve consistent baseline performance and generalise across all the post-quantum schemes considered. Although their linear structure restricts their expressiveness, they reliably detect regular leakage patterns, especially in the Dilithium signing process, where arithmetic regularity is pronounced. Neural Network models surpass shallow learners in capturing intricate nonlinear relationships among leakage features, particularly when temporal and statistical features are integrated with power traces. Nonetheless, deep models need careful regularisation to prevent overfitting, especially when cross-scheme generalisation is required. This weakness is most visible in the Falcon-specific experiments, where floating-point arithmetic and Gaussian sampling exhibit substantial variability that is difficult to overcome without extensive training data.

The Support Vector Machine proves to be the most robust and consistent model across all metrics for Kyber. The SVM-based detection model achieves a classification accuracy of 94.51%, indicating a strong ability to distinguish attack-induced leakage patterns from regular execution behaviour. The F1-score of 93.84% demonstrates a balanced trade-off between precision and recall, indicating that the model recognises attacks while limiting false alarms. The model's precision of 94.92% underscores its value for hardware security monitoring, where false positives can cause unnecessary system interruptions. A recall of 93.26% confirms that most attack events are recovered, even under noisy, partially masked leakage conditions. Moreover, an AUC of 95.10% indicates excellent separability and overall robustness of the SVM model across decision thresholds.

Result of SVM Kyber:

Figure 2 provides a detailed evaluation of Kyber using the SVM-based attack detection model. It shows consistently strong classification performance, with accuracy, F1-score, precision, and recall all clustered around 95–96%, indicating reliable and balanced detection of attack and non-attack scenarios. The precision–recall behaviour indicates low false positives while maintaining a high attack detection rate. The ROC curve further confirms robustness, with an AUC of approximately 0.962, indicating excellent discriminative capability. Overall, the results highlight the effectiveness of SVMs for monitoring Kyber implementations under side-channel and fault-injection threat models.

Figure 2: The figure illustrates Kyber SVM performance, showing consistently high results with ~95–96% accuracy, F1-score, precision, recall, and an ROC curve achieving an AUC of approximately 0.962, demonstrating strong attack vs. no-attack classification capability.

The strong performance of the SVM model may be attributed to margin-based optimisation and kernel-based mapping, which operate effectively in the high-dimensional side-channel feature space. For Kyber, where leakage arises from polynomial arithmetic and modular reduction, the SVM extracts subtle correlations between power consumption, timing variations, and injected fault indicators. Unlike neural networks, the SVM scales readily to different key sizes and execution modes, making it well-suited to integrated hardware-security environments.

The cross-scheme comparison indicates that the lattice-based algorithms, e.g., Kyber and Dilithium, exhibit more regular leakage sources than hash-based algorithms, e.g., SPHINCS+. This regularity stems from their arithmetic structure and explains Kyber's higher detection accuracy across all models. Falcon sits in between: its combination of lattice arithmetic and floating-point Gaussian sampling introduces additional stochastic leakage terms. Nevertheless, the proposed architecture maintains a consistent detection rate across all schemes, which supports its effectiveness.

The findings also substantiate the claim that side-channel and fault-injection features are most effective when combined, improving detection performance over either source used alone. Fault-injection traces are highly discriminative for anomaly detection models, whereas side-channel traces capture fine-grained execution leakage that allows an attack to be detected at an early stage. Combining these complementary modalities enables the proposed framework to identify both transient and persistent attack patterns, closing a critical gap in current hardware-security offerings, many of which focus on a single attack type.

At the system level, the proposed architecture is scalable and deployable. The machine learning models operate on extracted features rather than raw traces, which lowers their computational cost and enables real-time detection. This design suits realistic hardware security constraints, where limited on-chip resources and strict latency budgets must be met. The framework is also modular, so it integrates readily with existing cryptographic accelerators for Kyber, Dilithium, Falcon, and SPHINCS+, and can underpin future post-quantum migration strategies.
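To make the two preceding points concrete (fusing side-channel features with fault-injection metadata, and classifying extracted features rather than raw traces), the following pipeline is an added example and is not code from the paper or from any of the cited projects. All data is constructed: synthetic "power traces" stand in for ChipWhisperer captures, a per-execution failure count stands in for fault-injection library metadata, and the classifier is a small primal linear SVM trained by hinge-loss SGD rather than the authors' model. The feature set, thresholds and training hyper-parameters are assumptions chosen for the illustration; the metrics it reports (accuracy, precision, recall, F1, AUC) are the ones in Tables 1–5.

```python
"""Feature-based side-channel / fault-injection detector (added example).

Everything here is constructed: synthetic traces replace real captures and a
'failure count' replaces fault-injection library metadata. The pipeline
extracts compact features from each trace, fuses them with the fault
metadata, trains a linear SVM and reports the usual detection metrics.
"""
import math
import random
from statistics import mean, pstdev

TRACE_LEN = 256          # samples per constructed trace
SPIKE_THRESHOLD = 0.85   # above the clean pattern's ceiling (0.7 + noise)


def make_trace(rng, attacked):
    """Return (samples, failure_count) for one constructed execution.

    Clean traces are a periodic pattern (mimicking polynomial-multiplication
    rounds) plus Gaussian noise. Attacked traces add a short glitch spike and a
    non-zero count of device-reported decapsulation/verification failures.
    """
    samples = [0.5 + 0.2 * math.sin(2 * math.pi * t / 32) + rng.gauss(0, 0.05)
               for t in range(TRACE_LEN)]
    if attacked:
        pos = rng.randrange(16, TRACE_LEN - 16)
        for i in range(pos, pos + rng.randint(2, 5)):
            samples[i] += rng.uniform(0.25, 0.5)      # glitch spike
        failures = rng.randint(1, 4)
    else:
        failures = 1 if rng.random() < 0.05 else 0    # rare benign failure
    return samples, failures


def extract_features(samples, failures):
    """Statistical + temporal leakage features fused with fault metadata."""
    diffs = [abs(b - a) for a, b in zip(samples, samples[1:])]
    return [
        mean(samples),
        pstdev(samples),
        max(samples),
        max(samples) - min(samples),                      # peak-to-peak
        sum(1 for s in samples if s > SPIKE_THRESHOLD),   # glitch exceedances
        max(diffs),                                       # sharpest transition
        float(failures),                                  # fault-injection metadata
    ]


def fit_scaler(X):
    """Per-feature mean / std from the training set (std 0 guarded to 1)."""
    mu = [mean(col) for col in zip(*X)]
    sd = [pstdev(col) or 1.0 for col in zip(*X)]
    return mu, sd


def scale(X, mu, sd):
    return [[(v - m) / s for v, m, s in zip(row, mu, sd)] for row in X]


def train_linear_svm(X, y, lam=0.01, eta=0.01, epochs=100, seed=0):
    """Primal linear SVM via hinge-loss SGD; labels y are in {-1, +1}."""
    rng = random.Random(seed)
    w, b = [0.0] * len(X[0]), 0.0
    order = list(range(len(X)))
    for _ in range(epochs):
        rng.shuffle(order)
        for i in order:
            x, yi = X[i], y[i]
            margin = yi * (sum(wj * xj for wj, xj in zip(w, x)) + b)
            w = [wj - eta * lam * wj for wj in w]         # regularisation step
            if margin < 1:                                # hinge-loss step
                w = [wj + eta * yi * xj for wj, xj in zip(w, x)]
                b += eta * yi
    return w, b


def evaluate(w, b, X, y):
    """Accuracy, precision, recall, F1 and rank-based AUC on a labelled set."""
    scores = [sum(wj * xj for wj, xj in zip(w, x)) + b for x in X]
    tp = sum(1 for s, t in zip(scores, y) if s >= 0 and t == 1)
    fp = sum(1 for s, t in zip(scores, y) if s >= 0 and t == -1)
    fn = sum(1 for s, t in zip(scores, y) if s < 0 and t == 1)
    tn = len(y) - tp - fp - fn
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / (tp + fn) if tp + fn else 0.0
    f1 = 2 * precision * recall / (precision + recall) if precision + recall else 0.0
    pos = [s for s, t in zip(scores, y) if t == 1]
    neg = [s for s, t in zip(scores, y) if t == -1]
    # AUC = probability a random attack trace outscores a random benign trace
    auc = sum((p > n) + 0.5 * (p == n) for p in pos for n in neg) / (len(pos) * len(neg))
    return {"accuracy": (tp + tn) / len(y), "precision": precision,
            "recall": recall, "f1": f1, "auc": auc}


def run_experiment(n_traces=400, seed=1):
    """Build a balanced constructed dataset, train on 70%, evaluate on 30%."""
    rng = random.Random(seed)
    data = []
    for i in range(n_traces):
        attacked = i % 2 == 1
        samples, failures = make_trace(rng, attacked)
        data.append((extract_features(samples, failures), 1 if attacked else -1))
    rng.shuffle(data)
    split = int(0.7 * n_traces)
    X_tr, y_tr = [f for f, _ in data[:split]], [l for _, l in data[:split]]
    X_te, y_te = [f for f, _ in data[split:]], [l for _, l in data[split:]]
    mu, sd = fit_scaler(X_tr)
    w, b = train_linear_svm(scale(X_tr, mu, sd), y_tr)
    return evaluate(w, b, scale(X_te, mu, sd), y_te)


if __name__ == "__main__":
    for name, value in run_experiment().items():
        print(f"{name:>9}: {100 * value:6.2f}%")
```

The point of the example is the shape of the pipeline, not the numbers it prints: each trace is reduced to seven scalars before classification, so the per-execution cost is one pass over the trace plus a dot product, which is what makes an on-chip or near-chip monitor plausible. The failure-count feature is what the fusion buys: a glitch that leaves little trace in the power signal is still visible as a burst of failed decapsulations, and a noisy trace with no failures is not flagged on the glitch features alone. On real captures the scaler must be fitted on clean, attack-free executions of the same firmware, otherwise benign drift (temperature, supply voltage) is learned as "attack".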

The originality of this work lies in the unified, scheme-agnostic treatment of hardware security monitoring for post-quantum cryptography. Unlike the literature, which concentrates on single algorithms or particular attack types, this paper presents a universal design capable of securing several NIST-approved post-quantum schemes under a shared detection plan. Comparing classical machine learning and advanced models within the same experimental settings yields useful insights into their applicability to real-life hardware security implementations. The superiority of SVM-based detection for Kyber provides a strong foundation for future hybrid and ensemble-based defences.

On the whole, experimental findings support the hypothesis that the proposed unified architecture can be employed to achieve high detection rates, strong resistance to noise and masking countermeasures, and a realistic implementation cost suitable for post-quantum cryptographic devices. These results make the proposed framework an effective candidate for next-generation hardware security solutions that can respond to the evolving threat environment in the post-quantum era.

DISCUSSION:

The research addresses significant security issues arising from the deployment of post-quantum cryptography (PQC) algorithms in operational hardware, particularly under side-channel and fault-injection attacks. Although Kyber, Dilithium, Falcon, and SPHINCS+ are designed to be mathematically secure against quantum adversaries, their physical implementations expose additional attack surfaces that cannot be closed at the algorithmic level alone. The findings are discussed in relation to the research questions below, followed by a discussion of limitations and threats to validity.

CONCLUSION:

Protection of cryptographic systems against quantum adversaries has made substantial progress, yet the resistance of physical designs to side-channel and fault attacks remains an unaddressed and urgent topic. Prior work spans post-quantum algorithm design, hardware acceleration, and isolated countermeasures for side-channel or fault resistance. The overall theme of these works is that NIST-standardised post-quantum schemes are indeed feasible. However, there is evidence of ongoing constraints, including disjointed security architectures, scheme-specific defences, and a lack of integration with intelligent detection capabilities.

This paper proposes a single, scalable hardware security architecture to address the unresolved issues of Kyber, Dilithium, Falcon, and SPHINCS+. The proposed framework, which combines machine-learning-based attack detection with architectural-level countermeasures, provides unified protection against side-channel and fault-injection attacks, unlike previous methods that targeted only one attack vector. The test results show that combining traditional machine learning architectures significantly improves detectability, with the SVM-based configuration proving most effective for Kyber, achieving 94.51% accuracy and an AUC of 95.10%. These findings affirm that intelligent classifiers can distinguish subtle leakage and imperceptible faults that are beyond the reach of traditional rule-based defences.

The proposed architecture makes no assumptions about a particular post-quantum scheme. It is intended to be scalable to numerous NIST-standardised algorithms, enabling the reuse of security modules and the exploitation of algorithm-specific optimisations. Furthermore, the countermeasures that can be implemented are versatile at both the data-driven and hardware levels, providing a flexible security layer.

Future research can build on this work by adding deep learning models to localise attacks in real time, exploring on-chip learning to adapt countermeasures to environmental conditions, and testing the architecture in resource-constrained environments to demonstrate its deployability. Extending the framework to future post-quantum standards and to classical/post-quantum hybrid systems would further increase its usefulness during the current cryptographic transition.
