Paper 2025/548
Breaking HuFu with 0 Leakage: A Side-Channel Analysis
Abstract
HuFu is an unstructured lattice-based signature scheme proposed during the NIST PQC standardization process. In this work, we present a side-channel analysis of HuFu's reference implementation. We first exploit the multiplications involving its two main secret matrices, recovering approximately half of their entries through a non-profiled power analysis with a few hundred traces. Using these coefficients, we reduce the dimension of the underlying LWE problem, enabling full secret key recovery with calls to a small block-sized BKZ. To mitigate this attack, we propose a countermeasure that replaces sensitive computations involving a secret matrix with equivalent operations derived solely from public elements, eliminating approximately half of the identified leakage and rendering the attack infeasible. Finally, we perform a non-profiled power analysis targeting HuFu's Gaussian sampling procedure, recovering around 75% of the remaining secret matrix's entries in a few hundred traces. While full key recovery remains computationally intensive, we demonstrate that partial knowledge of the secret significantly improves the efficiency of signature forgery.
Metadata
- Available format(s)
- PDF
- Category
- Attacks and cryptanalysis
- Publication info
- Published elsewhere. CASCADE 2025
- Keywords
- SCA, post-quantum, signatures, lattices, leakage
- Contact author(s)
- julien devevey @ ssi gouv fr
- morgane guerreau @ cryptonext-security com
- thomas legavre @ thalesgroup com
- ange martinelli @ ssi gouv fr
- thomas ricosset @ thalesgroup com
- History
- 2025-03-26: approved
- 2025-03-25: received
- Short URL
- https://ia.cr/2025/548
- License
- CC BY
BibTeX
@misc{cryptoeprint:2025/548,
  author = {Julien Devevey and Morgane Guerreau and Thomas Legavre and Ange Martinelli and Thomas Ricosset},
  title = {Breaking {HuFu} with 0 Leakage: A Side-Channel Analysis},
  howpublished = {Cryptology {ePrint} Archive, Paper 2025/548},
  year = {2025},
  url = {https://eprint.iacr.org/2025/548}
}