CryptoDB
FuLeakage: Breaking FuLeeca by Learning Attacks
| Authors: |
|
|---|---|
| Download: |
|
| Presentation: | Slides |
| Conference: | CRYPTO 2024 |
| Abstract: | FuLeeca is a signature scheme submitted to the recent NIST call for additional signatures. It is an efficient hash-and-sign scheme based on quasi-cyclic codes in the Lee metric and resembles the lattice-based signature Falcon. FuLeeca proposes a so-called concentration step within the signing procedure to avoid leakage of secret-key information from the signatures. However, FuLeeca is still vulnerable to learning attacks, which were first observed for lattice-based schemes. We present three full key-recovery attacks by exploiting the proximity of the code-based FuLeeca scheme to lattice-based primitives. More precisely, we use a few signatures to extract an n/2-dimensional circulant sublattice from the given length-n code, that still contains the exceptionally short secret-key vector. This significantly reduces the classical attack cost and, in addition, leads to a full key recovery in quantum-polynomial time. Furthermore, we exploit a bias in the concentration procedure to classically recover the full key for any security level with at most 175.000 signatures in less than an hour. |
BibTeX
@inproceedings{crypto-2024-34328,
title={FuLeakage: Breaking FuLeeca by Learning Attacks},
publisher={Springer-Verlag},
doi={10.1007/978-3-031-68391-6_8},
author={Wessel van Woerden and Felicitas Hörmann},
year=2024
}