A note on a Code-Based Signature Scheme
Giuseppe D'Alconzo
TL;DR
This paper identifies a security flaw in a 2019 code-based signature scheme derived from McEliece, showing that the improved performance compromises security, highlighting the importance of careful parameter selection.
Contribution
The paper critically analyzes a recent code-based signature scheme, revealing security vulnerabilities caused by parameter choices and emphasizing the need for rigorous security evaluation.
Findings
The scheme's security is compromised despite longer public keys.
Parameter choices for efficiency introduce protocol vulnerabilities.
The scheme is not more secure than the standard McEliece cryptosystem.
Abstract
In this work, we exploit a serious security flaw in a code-based signature scheme from a 2019 work by Liu, Yang, Han and Wang. They adapt the McEliece cryptosystem to obtain a new scheme and, on top of this, they design an efficient digital signature. We show that the new encryption scheme based on McEliece, even if it has longer public keys, is not more secure than the standard one. Moreover, the choice of parameters for the signature leads to a significant performance improvement, but it introduces a vulnerability in the protocol.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsCryptography and Data Security · Coding theory and cryptography · DNA and Biological Computing