Paper 2018/318

Practical attacks against the Walnut digital signature scheme

Ward Beullens and Simon R. Blackburn

Abstract

Recently, NIST started the process of standardizing quantum-resistant public-key cryptographic algorithms. WalnutDSA, the subject of this paper, is one of the 20 proposed signature schemes that are being considered for standardization. Walnut relies on a one-way function called E-Multiplication, which has a rich algebraic structure. This paper shows that this structure can be exploited to launch several practical attacks against the Walnut cryptosystem. The attacks work very well in practice; it is possible to forge signatures and compute equivalent secret keys for the 128-bit and 256-bit security parameters submitted to NIST in less than a second and in less than a minute respectively.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
NIST PQC, post-quantum digital signatures, cryptanalysis, group based cryptography
Contact author(s)
ward @ beullens com
History
2018-04-04: revised
2018-04-04: received
Short URL
https://ia.cr/2018/318
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/318,
      author = {Ward Beullens and Simon R.  Blackburn},
      title = {Practical attacks against the Walnut digital signature scheme},
      howpublished = {Cryptology ePrint Archive, Paper 2018/318},
      year = {2018},
      note = {\url{https://eprint.iacr.org/2018/318}},
      url = {https://eprint.iacr.org/2018/318}
}