Paper 2020/837
An Attack on Some Signature Schemes Constructed From Five-Pass Identification Schemes
Daniel Kales and Greg Zaverucha
Abstract
We present a generic forgery attack on signature schemes constructed from 5-round identification schemes made non-interactive with the Fiat-Shamir transform. The attack applies to ID schemes that use parallel repetition to decrease the soundness error. The attack can be mitigated by increasing the number of parallel repetitions, and our analysis of the attack facilitates parameter selection.
We apply the attack to MQDSS, a post-quantum signature scheme relying on the hardness of the MQ-problem. Concretely, forging a signature for the L1 instance of MQDSS, which should provide 128 bits of security, can be done in
Metadata
- Available format(s): PDF
- Category: Public-key cryptography
- Publication info: Published elsewhere. Minor revision. CANS 2020
- Keywords: public-key signatures, security analysis, post-quantum cryptography, Fiat-Shamir transform, MQDSS
- Contact author(s): daniel kales @ iaik tugraz at; gregz @ microsoft com
- History:
  - 2020-10-06: revised
  - 2020-07-12: received
- Short URL: https://ia.cr/2020/837
- License: CC BY
BibTeX
@misc{cryptoeprint:2020/837,
  author = {Daniel Kales and Greg Zaverucha},
  title = {An Attack on Some Signature Schemes Constructed From Five-Pass Identification Schemes},
  howpublished = {Cryptology {ePrint} Archive, Paper 2020/837},
  year = {2020},
  url = {https://eprint.iacr.org/2020/837}
}