
Loop abort Faults on Lattice-Based Fiat-Shamir & Hash'n Sign signatures

Abstract: As the advent of general-purpose quantum computers appears to be drawing closer, agencies and advisory bodies have started recommending that we prepare the transition away from factoring- and discrete-logarithm-based cryptography and towards post-quantum secure constructions, such as lattice-based schemes. Almost all primitives of classical cryptography (and more!) can be realized with lattices, and the efficiency of primitives like encryption and signatures has gradually improved to the point that key sizes are competitive with RSA at similar security levels, and fast performance can be achieved both in software and in hardware. However, little research has been conducted on physical attacks targeting concrete implementations of post-quantum cryptography in general and of lattice-based schemes in particular, and such research is essential if lattices are going to replace RSA and elliptic curves in our devices and smart cards. In this paper, we look in particular at fault attacks against some instances of the Fiat-Shamir family of signature schemes on lattices (BLISS, GLP, TESLA and PASSSign) and against the GPV scheme, a member of the Hash'n Sign family. Some of these schemes have achieved record-setting efficiency in software and hardware. We present several possible fault attacks, one of which allows a full key recovery with as little as a single faulty signature, and discuss possible countermeasures to mitigate these attacks.
Document type: Conference papers
Contributor: Thomas Espitau
Submitted on: Wednesday, July 12, 2017 - 5:09:43 PM
Last modification on: Friday, July 10, 2020 - 4:19:31 PM
Document(s) archived on: Thursday, January 25, 2018 - 1:35:59 AM

HAL Id: hal-01561424, version 1


Thomas Espitau, Pierre-Alain Fouque, Benoît Gérard, Mehdi Tibouchi. Loop abort Faults on Lattice-Based Fiat-Shamir & Hash'n Sign signatures. 23rd Conference on Selected Areas in Cryptography (SAC 2016), Aug 2016, Saint John's, Canada. ⟨hal-01561424⟩
