A note on a Code-Based Signature Scheme

Giuseppe D'Alconzo

TL;DR

This paper analyzes Liu et al.'s code-based constructions, showing that the Modified McEliece (MME) encryption offers no security advantage over the standard McEliece, and that the LYHW19 CFS-like signature remains impractical when aiming for standard security levels. It demonstrates that using small $t$ to accelerate signing enables practical key-recovery attacks via the Support Splitting Algorithm, while increasing parameters worsens signing performance without restoring feasibility. The work thus highlights that the pursued performance gains come at the cost of security, underscoring the need for new code-based signature paradigms that preserve CFS-style security while reducing signing complexity. The findings emphasize the ongoing challenge in code-based signatures and the importance of robust security guarantees for post-quantum primitives intended for real-world deployment.

Abstract

In this work, we exploit a serious security flaw in a code-based signature scheme from a 2019 work by Liu, Yang, Han and Wang. They adapt the McEliece cryptosystem to obtain a new scheme and, on top of this, they design an efficient digital signature. We show that the new encryption scheme based on McEliece, even if it has longer public keys, is not more secure than the standard one. Moreover, the choice of parameters for the signature leads to a significant performance improvement, but it introduces a vulnerability in the protocol.

Paper Structure (14 sections, 2 theorems, 1 equation)

This paper contains 14 sections, 2 theorems, 1 equation.

Key Result

Proposition 1

Let $\mathcal{F}_{\mathsf{ME}}$ be a key-recovery forger able to retrieve the secret key for the scheme $\mathsf{ME}$. Then it is possible to design a key-recovery forger $\mathcal{F}_{\mathsf{MME}}$ for $\mathsf{MME}$ that uses $\mathcal{F}_{\mathsf{ME}}$ as a subroutine.

Theorems & Definitions (4)

  • Proposition 1
  • proof
  • Proposition 2
  • proof