Cryptanalysis of a code-based full-time signature
Related papers
Cryptanalysis of a Code-Based Signature Scheme Based on the Lyubashevsky Framework
IACR Cryptol. ePrint Arch., 2020
In this paper we cryptanalyze a recently proposed signature scheme consisting of a translation of the Lyubashevsky framework to coding theory, whose security is based on the hardness of decoding low-weight errors in the Hamming metric. We show that each produced signature leaks information about the secret key and that, after the observation of a bunch of signatures, the secret key can be fully recovered with simple linear algebra. We conservatively assess the complexity of our proposed attack and show that it grows polynomially in the scheme parameters; numerical simulations are used to confirm our analysis. Our results show that the weakness of the scheme is intrinsic by design, and that security cannot be restored by a mere change in the parameters.
Post-quantum Cryptography: Code-Based Signatures
Advances in Computer Science and Information …, 2010
This survey provides a comparative overview of code-based signature schemes with respect to security and performance. Furthermore, we explicitly describe several code-based signature schemes with additional properties such as identity-based, threshold ring and blind signatures.
A new code-based public-key cryptosystem resistant to quantum computer attacks
Journal of Physics: Conference Series, 2019
We propose a new type of public-key cryptosystem (PKC) which is based on repetition of different error-correcting codes. We give a brief analysis of some well-known attacks on code-based PKC, including structural ones, and show that the scheme could be used as a prospective post-quantum PKC.
Exploiting Determinism in Lattice-based Signatures
Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security
In this paper, we analyze the implementation-level fault vulnerabilities of deterministic lattice-based signature schemes. In particular, we extend the practicality of skip-addition fault attacks through exploitation of determinism in certain variants of Dilithium (deterministic variant) and the qTESLA signature scheme (originally submitted deterministic version), which are two leading candidates for the NIST standardization of post-quantum cryptography. We show that single targeted faults injected in the signing procedure allow recovery of an important portion of the secret key. Though faults injected in the signing procedure do not recover all the secret key elements, we propose a novel forgery algorithm that allows the attacker to sign any given message with only the extracted portion of the secret key. We perform experimental validation of our attack using electromagnetic fault injection on reference implementations taken from the pqm4 library, a benchmarking and testing framework for post-quantum cryptographic implementations for the ARM Cortex-M4 microcontroller. We also show that our attacks break two well-known countermeasures known to protect against skip-addition fault attacks. We further propose an efficient mitigation strategy against our attack that exponentially increases the attacker's complexity at almost zero increase in computational complexity.
CCS Concepts: Security and privacy → Digital signatures; Hardware attacks and countermeasures; Side-channel analysis and countermeasures; Embedded systems security.
Evaluation of Code-based Signature Schemes
IACR Cryptol. ePrint Arch., 2019
Code-based cryptographic schemes recently rose to prominence as quantum-safe alternatives to the currently employed number-theoretic constructions, which do not resist quantum attacks. In this article, we discuss the Courtois-Finiasz-Sendrier signature scheme and derive code-based signature schemes using the Fiat-Shamir transformation from code-based zero-knowledge identification schemes, namely the Stern scheme, the Jain-Krenn-Pietrzak-Tentes scheme, and the Cayrel-Véron-El Yousfi scheme. We analyze the security of these code-based signature schemes and derive the security parameters to achieve the 80-bit and 128-bit level of classical security. To derive the secure parameters, we have studied the hardness of the Syndrome Decoding Problem. Furthermore, we implement the signature schemes, based on the Fiat-Shamir transform, which were mentioned above, and compare their performance on a PC.
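The construction this abstract refers to, a signature obtained by applying the Fiat-Shamir transform to Stern's three-pass code-based identification scheme, is compact enough to show end to end. The block below is an added illustration written for this page; it is not code from the paper above and does not use the parameters that paper derives. The parameters `N`, `K`, `W` and `ROUNDS`, the random parity-check matrix, SHA-256 as the commitment hash and every function name are assumptions for the toy, and the parameters are deliberately tiny, so the instance is not secure; it exists to show which values are committed, revealed and checked for each of the three challenge values, and why the challenge must be derived from the message together with all commitments.

```python
import hashlib
import random

# Toy parameters (assumed, NOT secure): code length N, dimension K,
# secret error weight W, and number of Fiat-Shamir rounds. Each round
# has soundness error 2/3, so a real instance needs far more rounds.
N, K, W, ROUNDS = 24, 12, 3, 20


def h(*parts):
    """Commitment hash over length-prefixed parts (bit lists or bytes)."""
    m = hashlib.sha256()
    for p in parts:
        b = p if isinstance(p, bytes) else bytes(p)
        m.update(len(b).to_bytes(4, "big") + b)
    return m.digest()


def syndrome(H, v):
    """H v^T over GF(2); H is a list of rows, each a 0/1 list of length N."""
    return [sum(a & b for a, b in zip(row, v)) % 2 for row in H]


def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]


def permute(sigma, v):
    """Apply permutation sigma: output position i takes v[sigma[i]]."""
    return [v[sigma[i]] for i in range(len(v))]


def keygen(rng):
    """Public key (H, s = H e^T); secret key e of Hamming weight W."""
    H = [[rng.randrange(2) for _ in range(N)] for _ in range(N - K)]
    support = rng.sample(range(N), W)
    e = [1 if i in support else 0 for i in range(N)]
    return (H, syndrome(H, e)), e


def derive_challenges(msg, commitments):
    """Fiat-Shamir: ternary challenges from the message and ALL commitments.
    Bytes equal to 255 are rejected so that byte % 3 is unbiased."""
    seed = h(msg, *[c for trio in commitments for c in trio])
    out, ctr = [], 0
    while len(out) < ROUNDS:
        block = hashlib.sha256(seed + ctr.to_bytes(4, "big")).digest()
        out.extend(b % 3 for b in block if b < 255)
        ctr += 1
    return out[:ROUNDS]


def sign(pk, e, msg, rng):
    H, _ = pk
    state, commitments = [], []
    for _ in range(ROUNDS):
        y = [rng.randrange(2) for _ in range(N)]      # random masking vector
        sigma = list(range(N))
        rng.shuffle(sigma)                             # random permutation
        c1 = h(bytes(sigma), syndrome(H, y))           # binds sigma and H y^T
        c2 = h(permute(sigma, y))                      # binds sigma(y)
        c3 = h(permute(sigma, xor(y, e)))              # binds sigma(y + e)
        state.append((y, sigma))
        commitments.append((c1, c2, c3))
    responses = []
    for (y, sigma), b in zip(state, derive_challenges(msg, commitments)):
        if b == 0:
            responses.append((y, sigma))                           # open c1, c2
        elif b == 1:
            responses.append((xor(y, e), sigma))                   # open c1, c3
        else:
            responses.append((permute(sigma, y), permute(sigma, e)))  # open c2, c3
    return commitments, responses


def verify(pk, msg, sig):
    H, s = pk
    commitments, responses = sig
    if len(commitments) != ROUNDS or len(responses) != ROUNDS:
        return False
    for (c1, c2, c3), b, resp in zip(commitments, derive_challenges(msg, commitments), responses):
        if b == 0:
            y, sigma = resp
            ok = c1 == h(bytes(sigma), syndrome(H, y)) and c2 == h(permute(sigma, y))
        elif b == 1:
            z, sigma = resp                            # z = y + e, so H z^T + s = H y^T
            ok = c1 == h(bytes(sigma), xor(syndrome(H, z), s)) and c3 == h(permute(sigma, z))
        else:
            py, pe = resp                              # sigma(y) and sigma(e)
            ok = (c2 == h(py) and c3 == h(xor(py, pe))
                  and len(pe) == N and all(v in (0, 1) for v in pe) and sum(pe) == W)
        if not ok:
            return False
    return True


if __name__ == "__main__":
    rng = random.Random(1)
    pk, sk = keygen(rng)
    sig = sign(pk, sk, b"hello", rng)
    print("valid:", verify(pk, b"hello", sig), "tampered:", verify(pk, b"hellp", sig))
```

Each round reveals exactly two of the three committed values, so no single response exposes `e`; only an answer to all three challenges on the same commitments would, which is why the challenge is hashed from the commitments and the message (a signer who could pick the challenge after committing could answer without knowing `e`). The weight check in the third branch is what ties the proof to the low-weight syndrome decoding problem; drop it and any vector with syndrome `s` would do.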
Analysis of code-based digital signature schemes
International Journal of Electrical and Computer Engineering (IJECE), 2023
Digital signatures are in high demand because they allow authentication and non-repudiation. Existing digital signature systems, such as the digital signature algorithm (DSA), the elliptic curve digital signature algorithm (ECDSA), and others, are based on number theory problems such as discrete logarithm problems and integer factorization problems. These recently used digital signatures are not secure with quantum computers. To protect against quantum computer attacks, many researchers propose digital signature schemes based on error-correcting codes such as linear, Goppa, polar, and so on. We studied 16 distinct papers based on various error-correcting codes and analyzed their various features such as signing and verification efficiency, signature size, public key size, and security against multiple attacks.
Security Analysis of One Quantum Digital Signature Scheme
2009 Sixth International Conference on Information Technology: New Generations, 2009
We point out that the quantum digital signature scheme proposed in ICACT 2005 has three problems. According to the original description of the scheme, we find: (1) the quantum one-way function is not specified clearly; (2) the signer Alice does not use her private key in the signing process; (3) both the signing and the verification cannot work well.
A Solution for Constructing Quantum-Resistant Digital Signature Schemes
2024
In this article, the author proposes a solution for constructing quantum-resistant digital signature schemes based on the new hard problems, which belongs to the group of unsolvable problems. Therefore, the algorithms constructed according to the solution proposed here can be resistant to quantum attacks based on the quantum algorithm proposed by P. Shor [1]. In addition to quantum resistance, these signature schemes proposed here can also be used as pre-quantum digital signature schemes that are widely used in current practical applications.
An Efficient Attack on a Code-Based Signature Scheme
Post-Quantum Cryptography, 2016
Baldi et al. have introduced in [BBC+13] a very novel code-based signature scheme. However, we will prove here that some of the bits of the signatures are correlated in this scheme, and this allows an attack that recovers enough of the underlying secret structure to forge new signatures. This cryptanalysis was performed on the parameters which were devised for 80 bits of security and broke them with 100,000 signatures originating from the same secret key.
WalnutDSA: A Quantum-Resistant Digital Signature Algorithm
2017
In 2005 I. Anshel, M. Anshel, D. Goldfeld, and S. Lemieux introduced E-Multiplication, a quantum-resistant, group-theoretic, one-way function which can be used as a basis for many different cryptographic applications. To date, all analysis and attacks on E-Multiplication have been exponential in their runtime and all have been readily addressed and defeated. This paper introduces WalnutDSA, a new E-Multiplication-based public-key digital signature method that provides very efficient verification, allowing low-powered and constrained devices to quickly and inexpensively validate digital signatures (e.g., a certificate or authentication). This paper presents an in-depth discussion of the construction of the digital signature algorithm, analyzes the security of the scheme, provides a proof of security under EUF-CMA, and discusses the practical results from implementations on several constrained devices. With the implementation of parameters that defeat all known attacks, WalnutDSA is c...