Cryptanalysis of a Code-Based Signature scheme based on the Schnorr-Lyubashevsky framework / Baldi, Marco; Deneuville, Jean-Christophe; Persichetti, Edoardo; Santini, Paolo. - In: IEEE COMMUNICATIONS LETTERS. - ISSN 1089-7798. - Electronic. - 25:9(2021), pp. 2829-2833. [10.1109/LCOMM.2021.3096256]
Cryptanalysis of a Code-Based Signature scheme based on the Schnorr-Lyubashevsky framework
Baldi, Marco; Persichetti, Edoardo; Santini, Paolo
2021-01-01
Abstract
We propose an attack on the recent attempt by Li, Xing and Yeo to produce a code-based signature scheme using the Schnorr-Lyubashevsky approach in the Hamming metric, and verify its effectiveness through numerical simulations. Unlike other (unsuccessful) proposals, this new scheme exploits rejection sampling along with dense noise vectors to hide the secret key structure in the produced signatures. We show that these measures, besides yielding very slow signing times and rather long signatures, do not succeed in protecting the secret key. We are indeed able to prove the existence of a strong correlation between the produced signatures, which ultimately leaks information about the secret key. To support this claim, we use both theoretical arguments and numerical evidence. Finally, we employ this weakness to mount a full key recovery attack, which recovers the secret key after the observation of a number of signatures. Our results show that the considered scheme may be secure only for one-time usage.
| File | Access | Type | Licence | Size | Format |
|---|---|---|---|---|---|
| Cryptanalysis_of_a_Code-Based_Signature_Scheme_Based_on_the_Schnorr-Lyubashevsky_Framework.pdf | Archive managers only | Publisher's version (published version with the publisher's layout) | All rights reserved | 351.02 kB | Adobe PDF |
| COMML2020.pdf | Open access | Post-print (version after peer review, accepted for publication) | Publisher-specific licence | 303.38 kB | Adobe PDF |

Description of COMML2020.pdf: © 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.