Paper 2025/116

A Horizontal Attack on the Codes and Restricted Objects Signature Scheme (CROSS)

Jonas Schupp, TUM School of Computation, Information and Technology Technical University of Munich, Munich, Germany
Georg Sigl, TUM School of Computation, Information and Technology Technical University of Munich, Munich, Germany, Fraunhofer Institute for Applied and Integrated Security (AISEC), Garching, Germany
Abstract

CROSS is a post-quantum secure digital signature scheme submitted to NIST’s Call for Additional Signatures which was recently selected for round 2. It features signature and key sizes in the range of SLH-DSA while providing a substantially faster signing operation. Within this work, we provide the first passive side-channel attack on the scheme. The attack recovers the secret key from all except one parameter sets from a single power trace while requiring at maximum two power traces for the R-SDP(G) 1 Fast instance. To successfully mount the attack, we show how to recover the secret key from side-channel information gained from the syndrome computation in CROSS’ identification protocol. We furthermore show how the hypothesis space for the attack can be restricted using information from the published signature.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
Post-Quantum CryptographySide-ChannelHorizontal Attack
Contact author(s)
Jonas Schupp @ tum de
sigl @ tum de
History
2025-01-27: approved
2025-01-24: received
See all versions
Short URL
https://ia.cr/2025/116
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2025/116,
      author = {Jonas Schupp and Georg Sigl},
      title = {A Horizontal Attack on the Codes and Restricted Objects Signature Scheme ({CROSS})},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/116},
      year = {2025},
      url = {https://eprint.iacr.org/2025/116}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.