home.social

#sphincs — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #sphincs, aggregated by home.social.

  1. 📌 April-26:

    The official bets are in: #Lattices vs #X25519 the #cryptographers 📈 #polymarket is open.

    👉 My money would be on team @djb and @matthew_d_green

    Any new #postquantum hard assumption will fail before #quantumcomputers deliver.

    If @filippo pq apocalyptic timeframe is correct, only expensive, well understood, hash tree based signatures like #SPHINCS will save our ass (again).

    github.com/FiloSottile/ecc-vs-

  2. CW: research review

    A. Genêt, "On Protecting SPHINCS+ Against Fault Attacks"¹

    SPHINCS+ is a hash-based digital signature scheme that was selected by NIST in their post-quantum cryptography standardization process. The establishment of a universal forgery on the seminal scheme SPHINCS was shown to be feasible in practice by injecting a fault when the signing device constructs any non-top subtree. Ever since the attack has been made public, little effort was spent to protect the SPHINCS family against attacks by faults. This paper works in this direction in the context of SPHINCS+ and analyzes the current algorithms that aim to prevent fault-based forgeries.

    First, the paper adapts the original attack to SPHINCS+ reinforced with randomized signing and extends the applicability of the attack to any combination of faulty and valid signatures. Considering the adaptation, the paper then presents a thorough analysis of the attack. In particular, the analysis shows that, with high probability, the security guarantees of SPHINCS+ significantly drop when a single random bit flip occurs anywhere in the signing procedure and that the resulting faulty signature cannot be detected with the verification procedure. The paper shows both in theory and experimentally that the countermeasures based on caching the intermediate W-OTS+s offer a marginally greater protection against unintentional faults, and that such countermeasures are circumvented with a tolerable number of queries in an active attack. Based on these results, the paper recommends real-world deployments of SPHINCS+ to implement redundancy checks.

    #IACR #ResearchPapers #SPHINCS+ #FaultAttacks #PQSignatures

    __
    ¹ eprint.iacr.org/2023/042

  3. CW: research review

    A. Genêt, "On Protecting SPHINCS+ Against Fault Attacks"¹

    SPHINCS+ is a hash-based digital signature scheme that was selected by NIST in their post-quantum cryptography standardization process. The establishment of a universal forgery on the seminal scheme SPHINCS was shown to be feasible in practice by injecting a fault when the signing device constructs any non-top subtree. Ever since the attack has been made public, little effort was spent to protect the SPHINCS family against attacks by faults. This paper works in this direction in the context of SPHINCS+ and analyzes the current algorithms that aim to prevent fault-based forgeries.

    First, the paper adapts the original attack to SPHINCS+ reinforced with randomized signing and extends the applicability of the attack to any combination of faulty and valid signatures. Considering the adaptation, the paper then presents a thorough analysis of the attack. In particular, the analysis shows that, with high probability, the security guarantees of SPHINCS+ significantly drop when a single random bit flip occurs anywhere in the signing procedure and that the resulting faulty signature cannot be detected with the verification procedure. The paper shows both in theory and experimentally that the countermeasures based on caching the intermediate W-OTS+s offer a marginally greater protection against unintentional faults, and that such countermeasures are circumvented with a tolerable number of queries in an active attack. Based on these results, the paper recommends real-world deployments of SPHINCS+ to implement redundancy checks.

    #IACR #ResearchPapers #SPHINCS+ #FaultAttacks #PQSignatures

    __
    ¹ eprint.iacr.org/2023/042

  4. CW: research review

    A. Genêt, "On Protecting SPHINCS+ Against Fault Attacks"¹

    SPHINCS+ is a hash-based digital signature scheme that was selected by NIST in their post-quantum cryptography standardization process. The establishment of a universal forgery on the seminal scheme SPHINCS was shown to be feasible in practice by injecting a fault when the signing device constructs any non-top subtree. Ever since the attack has been made public, little effort was spent to protect the SPHINCS family against attacks by faults. This paper works in this direction in the context of SPHINCS+ and analyzes the current algorithms that aim to prevent fault-based forgeries.

    First, the paper adapts the original attack to SPHINCS+ reinforced with randomized signing and extends the applicability of the attack to any combination of faulty and valid signatures. Considering the adaptation, the paper then presents a thorough analysis of the attack. In particular, the analysis shows that, with high probability, the security guarantees of SPHINCS+ significantly drop when a single random bit flip occurs anywhere in the signing procedure and that the resulting faulty signature cannot be detected with the verification procedure. The paper shows both in theory and experimentally that the countermeasures based on caching the intermediate W-OTS+s offer a marginally greater protection against unintentional faults, and that such countermeasures are circumvented with a tolerable number of queries in an active attack. Based on these results, the paper recommends real-world deployments of SPHINCS+ to implement redundancy checks.

    #IACR #ResearchPapers #SPHINCS+ #FaultAttacks #PQSignatures

    __
    ¹ eprint.iacr.org/2023/042

  5. CW: research review

    A. Genêt, "On Protecting SPHINCS+ Against Fault Attacks"¹

    SPHINCS+ is a hash-based digital signature scheme that was selected by NIST in their post-quantum cryptography standardization process. The establishment of a universal forgery on the seminal scheme SPHINCS was shown to be feasible in practice by injecting a fault when the signing device constructs any non-top subtree. Ever since the attack has been made public, little effort was spent to protect the SPHINCS family against attacks by faults. This paper works in this direction in the context of SPHINCS+ and analyzes the current algorithms that aim to prevent fault-based forgeries.

    First, the paper adapts the original attack to SPHINCS+ reinforced with randomized signing and extends the applicability of the attack to any combination of faulty and valid signatures. Considering the adaptation, the paper then presents a thorough analysis of the attack. In particular, the analysis shows that, with high probability, the security guarantees of SPHINCS+ significantly drop when a single random bit flip occurs anywhere in the signing procedure and that the resulting faulty signature cannot be detected with the verification procedure. The paper shows both in theory and experimentally that the countermeasures based on caching the intermediate W-OTS+s offer a marginally greater protection against unintentional faults, and that such countermeasures are circumvented with a tolerable number of queries in an active attack. Based on these results, the paper recommends real-world deployments of SPHINCS+ to implement redundancy checks.

    #IACR #ResearchPapers #SPHINCS+ #FaultAttacks #PQSignatures

    __
    ¹ eprint.iacr.org/2023/042

  6. heise+ | Von der NIST standardisiert: Vier Post-Quanten-Kryptoalgorithmen erklärt

    Die US-Behörde NIST hat vier Post-Quanten-Kryptoalgorithmen zur Standardisierung ausgewählt. Die IT-Welt muss sich nun mit diesen Methoden vertraut machen.
    Von der NIST standardisiert: Vier Post-Quanten-Kryptoalgorithmen erklärt
  7. Van apareciendo los primeros estándares de criptografía post-cuántica del #NIST!

    #kyber para cifrado, #Dilithium, #Falcon y #SPHINCS+ para auth y firma digital.

    La computación cuántica cada vez más lejos de ser una amenaza a la criptografía moderna :-)

    helpnetsecurity.com/2022/07/06

  8. Van apareciendo los primeros estándares de criptografía post-cuántica del #NIST!

    #kyber para cifrado, #Dilithium, #Falcon y #SPHINCS+ para auth y firma digital.

    La computación cuántica cada vez más lejos de ser una amenaza a la criptografía moderna :-)

    helpnetsecurity.com/2022/07/06

  9. Datensicherheit: Grazer Experten haben bei US-Standards Hand im Spiel

    Amerikanische NIST präsentierte quantencomputersichere Verschlüsselungsalgorithmen – TU-Institut trug zum post-quanten-Algorithmus #SPHINCS+ bei

    derstandard.at/story/200013734