Paper 2023/422
A Differential Fault Attack against Deterministic Falcon Signatures
Abstract
We describe a fault attack against the deterministic variant of the Falcon signature scheme. It is the first fault attack that exploits specific properties of deterministic Falcon. The attack works under a very liberal and realistic single random fault model. The main idea is to inject a fault into the pseudo-random generator of the pre-image trapdoor sampler, generate different signatures for the same input, find reasonably short lattice vectors this way, and finally use lattice reduction techniques to obtain the private key. We investigate the relationship between fault location, the number of faults, the computational effort for a possibly remaining exhaustive search step, and the success probability.
Metadata
- Category
- Attacks and cryptanalysis
- Publication info
- Preprint.
- Keywords
- Fault attack, Post-quantum cryptography, Digital signature schemes, Lattice-based cryptography, Falcon
- Contact author(s)
- svenbauer @ siemens com
- fabrizio desantis @ siemens com
- History
- 2023-03-24: approved
- 2023-03-23: received
- Short URL
- https://ia.cr/2023/422
- License
- CC BY
BibTeX
@misc{cryptoeprint:2023/422,
  author = {Sven Bauer and Fabrizio De Santis},
  title = {A Differential Fault Attack against Deterministic Falcon Signatures},
  howpublished = {Cryptology {ePrint} Archive, Paper 2023/422},
  year = {2023},
  url = {https://eprint.iacr.org/2023/422}
}