Paper 2025/548

Breaking HuFu with 0 Leakage: A Side-Channel Analysis

Julien Devevey, ANSSI (Paris, France)
Morgane Guerreau, CryptoNext Security (Paris, France)
Thomas Legavre, ANSSI (Paris, France), Thales (France), Laboratoire de Recherche en Informatique de Paris 6
Ange Martinelli, ANSSI (Paris, France)
Thomas Ricosset, Thales (France)
Abstract

HuFu is an unstructured lattice-based signature scheme proposed during the NIST PQC standardization process. In this work, we present a side-channel analysis of HuFu's reference implementation. We first exploit the multiplications involving its two main secret matrices, recovering approximately half of their entries through a non-profiled power analysis with a few hundred traces. Using these coefficients, we reduce the dimension of the underlying LWE problem, enabling full secret key recovery with calls to a small block-sized BKZ. To mitigate this attack, we propose a countermeasure that replaces sensitive computations involving a secret matrix with equivalent operations derived solely from public elements, eliminating approximately half of the identified leakage and rendering the attack unfeasible. Finally, we perform a non-profiled power analysis targeting HuFu's Gaussian sampling procedure, recovering around 75% of the remaining secret matrix's entries in a few hundred traces. While full key recovery remains computationally intensive, we demonstrate that partial knowledge of the secret significantly improves the efficiency of signature forgery.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Published elsewhere. CASCADE 2025
Keywords
SCA, post-quantum, signatures, lattices, leakage
Contact author(s)
julien devevey @ ssi gouv fr
morgane guerreau @ cryptonext-security com
thomas legavre @ thalesgroup com
ange martinelli @ ssi gouv fr
thomas ricosset @ thalesgroup com
History
2025-03-26: approved
2025-03-25: received
Short URL
https://ia.cr/2025/548
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2025/548,
      author = {Julien Devevey and Morgane Guerreau and Thomas Legavre and Ange Martinelli and Thomas Ricosset},
      title = {Breaking {HuFu} with 0 Leakage: A Side-Channel Analysis},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/548},
      year = {2025},
      url = {https://eprint.iacr.org/2025/548}
}