Paper 2026/1266

Practical End-to-end Fault Attacks on PERK

Tanguy Stekke, Université Libre de Bruxelles
Durba Chatterjee, Radboud University Nijmegen
Lejla Batina, Radboud University Nijmegen
Abstract

This paper presents the first practical end-to-end fault injection attacks on the post-quantum signature scheme PERK, based on the MPC-in-the-Head paradigm and relies on GGM tree expansions for efficient randomness generation. While GGM trees reduce memory requirements, they introduce implementation-level deviations from the theoretical model. We show that these implementation choices fundamentally alter the fault surface and enable new attack vectors that are not captured by the original security assumptions. We propose two attacks targeting distinct stages of the GGM tree construction. The first attack fixes the root seed, resulting in deterministic tree generation and enabling full reconstruction of all leaf labels. The second attack induces reuse of GGM roots via an instruction skip, allowing recovery of hidden leaf values across consecutive rounds. Both attacks require only a single fault to recover the secret key. We demonstrate both attacks end-to-end on the pqm4 reference implementation compiled with optimization levels -O3 as well as -Os for ARM Cortex-M4 microcontrollers. Our evaluation is performed on two hardware platforms (ChipWhisperer-Lite with STM32F303 and Nucleo-L4R5ZI-P) using clock glitching and electromagnetic fault injection (EMFI). We achieve success probabilities of 100% and 85% for the two attacks, respectively. Finally, we propose countermeasures for both attacks.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
Fault Injection AttackPost-Quantum CryptographyMPCitHPERK
Contact author(s)
tanguy stekke @ gmail com
durba chatterjee94 @ gmail com
lejla @ cs ru nl
History
2026-06-19: approved
2026-06-16: received
See all versions
Short URL
https://ia.cr/2026/1266
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2026/1266,
      author = {Tanguy Stekke and Durba Chatterjee and Lejla Batina},
      title = {Practical End-to-end Fault Attacks on {PERK}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2026/1266},
      year = {2026},
      url = {https://eprint.iacr.org/2026/1266}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.