Paper 2021/134

Cryptanalysis of a code-based signature scheme without trapdoors

Marco Baldi, Jean-Christophe Deneuville, Edoardo Persichetti, and Paolo Santini


We propose an attack on the recent attempt by Li, Xing and Yeo to produce a code-based signature scheme using the Schnorr-Lyubashevsky approach in the Hamming metric, and verify its effectiveness through numerical simulations. Differently from other (unsuccessful) proposals, this new scheme exploits rejection sampling along with dense noise vectors to hide the secret key structure in produced signatures. We show that these measures, besides yielding very slow signing times and rather long signatures, do not succeed in protecting the secret key. We are indeed able to prove the existence of a strong correlation between produced signatures, which ultimately leaks information about the secret key. To support this claim, we use both theoretical arguments and numerical evidences. Finally, we employ such a weakness to mount a full key recovery attack, which is able to recover the secret key after the observation of a bunch of signatures. Our results show that the considered scheme may be secure only for one-time usage.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. MINOR revision.IEEE COMML
Code-based cryptographyCryptanalysisDigital signatureZero-knowledge identification scheme
Contact author(s)
jean-christophe deneuville @ enac fr
2021-07-08: last of 2 revisions
2021-02-10: received
See all versions
Short URL
Creative Commons Attribution


      author = {Marco Baldi and Jean-Christophe Deneuville and Edoardo Persichetti and Paolo Santini},
      title = {Cryptanalysis of a code-based signature scheme without trapdoors},
      howpublished = {Cryptology ePrint Archive, Paper 2021/134},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.