Paper 2024/110
Cryptanalysis of the SNOVA signature scheme
Abstract
SNOVA is a variant of a UOV-type signature scheme over a noncommutative ring. In this article, we demonstrate that certain parameters provided by authors in SNOVA fail to meet the NIST security level, and the complexities are lower than those claimed by SNOVA.
Note: There are some adjustments to the complexity (Table 1) of the new version and the original version.
Metadata
- Available format(s)
- Category
- Attacks and cryptanalysis
- Publication info
- Published elsewhere. Minor revision. PQCrypto2024
- DOI
- 10.1007/978-3-031-62746-0_4
- Keywords
- MPKCs;UOV;SNOVA
- Contact author(s)
-
lpg22 @ bimsa cn
jintai ding @ gmail com - History
- 2024-07-24: revised
- 2024-01-25: received
- See all versions
- Short URL
- https://ia.cr/2024/110
- License
-
CC BY-NC-SA
BibTeX
@misc{cryptoeprint:2024/110, author = {Peigen Li and Jintai Ding}, title = {Cryptanalysis of the {SNOVA} signature scheme}, howpublished = {Cryptology {ePrint} Archive, Paper 2024/110}, year = {2024}, doi = {10.1007/978-3-031-62746-0_4}, url = {https://eprint.iacr.org/2024/110} }