In this paper we cryptanalyze a recently proposed signature scheme consisting of a translation of the Lyubashevsky framework to coding theory, whose security is based on the hardness of decoding low-weight errors in the Hamming metric. We show that each produced signature leaks information about the secret key and that, after observing a number of signatures, the secret key can be fully recovered with simple linear algebra. We conservatively assess the complexity of our proposed attack and show that it grows polynomially in the scheme parameters; numerical simulations are used to confirm our analysis. Our results show that the weakness of the scheme is intrinsic by design, and that security cannot be restored by a mere change in...
A large part in the design of secure cryptographic primitives consists in identifying hard algorithm...
Kabatianskii, Krouk and Smeets proposed in 1997 a digital signature scheme ba...
Side-channel attacks allow the adversary to gain partial knowledge of the secret key when cryptograp...
In 2012, Lyubashevsky introduced a framework for obtaining efficient digital signatures relying on l...
17 pages, submitted to DCC. We present an attack against a code-based signature ...
In 2012, Lyubashevsky introduced a new framework for building lattice-based si...
Baldi et al. have introduced in [BBC+13] a novel code-based signature s...
We consider a one-time digital signature scheme recently proposed by Persichetti and show that a suc...