arXiv:2408.15843

On the (In)security of optimized Stern-like signature schemes

28 August 2024
André Chailloux
Simona Etinski
Abstract

Stern's signature scheme is a historically important code-based signature scheme. A crucial optimization of this scheme is to generate pseudo-random vectors and a permutation instead of random ones, and most proposals that are based on Stern's signature use this optimization. However, its security has not been properly analyzed, especially when we use deterministic commitments. In this article, we study the security of this optimization. We first show that for some parameters, there is an attack that exploits this optimization and breaks the scheme in time $O(2^{\frac{\lambda}{2}})$ while the claimed security is $\lambda$ bits. This impacts in particular the recent Quasi-cyclic Stern signature scheme [BGMS22]. Our second result shows that there is an efficient fix to this attack. By adding a string $salt \in \{0,1\}^{2\lambda}$ to the scheme, and changing slightly how the pseudo-random strings are generated, we prove not only that our attack doesn't work but that for any attack, the scheme preserves $\lambda$ bits of security, and this fix increases the total signature size by only $2\lambda$ bits. We apply this construction to other optimizations on Stern's signature scheme, such as the use of Lee's metric or the use of hash trees, and we show how these optimizations improve the signature length of Stern's signature scheme.
