Abstract
In this paper, we introduce the first fault attack on SQIsign. By injecting a fault into the ideal generator during the commitment phase, we demonstrate a meaningful probability of inducing the generation of order. The probability is bounded by one parameter, the degree of commitment isogeny. We also show that the probability can be reasonably estimated by assuming uniform randomness of a random variable, and provide empirical evidence supporting the validity of this approximation. In addition, we identify a loop-abort vulnerability due to the iterative structure of the isogeny operation. Exploiting these vulnerabilities, we present key recovery fault attack scenarios for two versions of SQIsign—one deterministic and the other randomized. We then analyze the time complexity and the number of queries required for each attack. Finally, we discuss straightforward countermeasures that can be implemented against the attack.
Field | Value
---|---
Original language | English
Title of host publication | Post-Quantum Cryptography - 15th International Workshop, PQCrypto 2024, Proceedings
Editors | Markku-Juhani Saarinen, Daniel Smith-Tone
Publisher | Springer Science and Business Media Deutschland GmbH
Pages | 54-76
Number of pages | 23
ISBN (Print) | 9783031627453
DOIs | (not listed)
Publication status | Published - 2024
Event | 15th International Conference on Post-Quantum Cryptography, PQCrypto 2024 - Oxford, United Kingdom (Duration: 2024 Jun 12 → 2024 Jun 14)
Publication series
Field | Value
---|---
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume | 14772 LNCS
ISSN (Print) | 0302-9743
ISSN (Electronic) | 1611-3349
Conference
Field | Value
---|---
Conference | 15th International Conference on Post-Quantum Cryptography, PQCrypto 2024
Country/Territory | United Kingdom
City | Oxford
Period | 2024 Jun 12 → 2024 Jun 14
Bibliographical note
Publisher Copyright: © The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.
Keywords
- Fault Attack
- Isogeny
- Post-Quantum Cryptography
- Quaternion Algebra
ASJC Scopus subject areas
- Theoretical Computer Science
- General Computer Science