Wuhan Univ. J. Nat. Sci., Volume 27, Number 1, March 2022
Page(s): 17 - 25
DOI: https://doi.org/10.1051/wujns/2022271017
Published online: 16 March 2022
Computer Science
CLC number: TP391
An Algorithm Substitution Attack on Fiat-Shamir Signatures Based on Lattice
1 School of Cyber Security, Northwestern Polytechnical University, Xi’an 710072, Shaanxi, China
2 Research & Development Institute of Northwestern Polytechnical University, Shenzhen 518057, Guangdong, China
3 School of Cyber Security, Xi’an University of Posts and Telecommunications, Xi’an 710121, Shaanxi, China
4 School of Computer Science, Guizhou University of Finance and Economics, Guiyang 550025, Guizhou, China
5 School of Computer Science, Wuhan University, Wuhan 430072, Hubei, China
† To whom correspondence should be addressed. E-mail: yuyongxy@163.com
Received: 15 September 2021
Substantial evidence shows that some intelligence agencies (often called "big brother") attempt to monitor citizens' communications by supplying coerced users with subverted cryptographic algorithms and compelling them to adopt these algorithms. Since lawful services across a large number of applications and system architectures depend on digital signature techniques, a coerced user who builds a novel signature scheme from double authentication preventing signatures (DAPS) has a convincing argument with which to refuse a request from an authority or big brother to create the corresponding subverted signatures. With the rapid progress of quantum computers, the National Security Agency's advisory memorandum and the National Institute of Standards and Technology's standardization procedures focus on cryptographic algorithms that are post-quantum secure. Motivated by these issues, we design an algorithm substitution attack against the lattice-based Fiat-Shamir family (e.g., BLISS, BG, Ring-TESLA, PASSSign and GLP), which is proven post-quantum computationally secure. We also show an efficient way to deter big brother: the signing key becomes publicly extractable from signatures on two messages. The security proof shows that our schemes satisfy key extraction, undetectability and deterability. Through parameter analysis and performance evaluation, we demonstrate that our deterring subverted Fiat-Shamir signature is practical, meaning that it can be applied to privacy protection in some system architectures.
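As an added illustration of what an algorithm substitution attack against a Fiat-Shamir signature looks like (example code written for this page; it is not the paper's construction and not BLISS, BG, Ring-TESLA, PASSSign or GLP): a toy Fiat-Shamir-with-aborts signature over Z_q, plus a generic biased-randomness ASA in the style of Bellare, Paterson and Rogaway, in which the subverted signer keeps re-signing until a PRF of the signature, keyed with big brother's key, encodes one true bit of the secret key. Every output is a valid signature, so verification alone cannot tell the subverted signer from the honest one, and big brother extracts the whole key from enough observed signatures. All parameters (Q, N, B, the 16-bit challenge), the function names and the HMAC-SHA256 PRF are assumptions chosen for the demonstration; the parameters are far too small to be secure.

```python
import hashlib
import hmac
import random

# Toy parameters, constructed for illustration only; far too small to be secure.
Q = 8380417            # prime modulus
N = 16                 # dimension of the secret vector s in {-1,0,1}^N
B = 1 << 24            # nonce coordinates are drawn uniformly from [-B, B]
C_MAX = 0xFFFF         # the challenge c is 16 bits, so |c * s_i| <= C_MAX
BOUND = B - C_MAX      # accepted signatures satisfy ||z||_inf <= BOUND


def expand_matrix(seed: bytes):
    """Derive the public N x N matrix A over Z_q from a public seed."""
    stream = hashlib.shake_128(seed).digest(4 * N * N)
    words = [int.from_bytes(stream[i:i + 4], "little") % Q
             for i in range(0, len(stream), 4)]
    return [words[r * N:(r + 1) * N] for r in range(N)]


def matvec(A, v):
    return [sum(a * x for a, x in zip(row, v)) % Q for row in A]


def challenge(w, msg: bytes) -> int:
    """Fiat-Shamir challenge H(w, msg), truncated to 16 bits."""
    h = hashlib.sha256(b"".join(x.to_bytes(4, "little") for x in w) + msg)
    return int.from_bytes(h.digest()[:2], "little")


def keygen(rng):
    seed = rng.getrandbits(256).to_bytes(32, "little")
    s = [rng.choice((-1, 0, 1)) for _ in range(N)]
    t = matvec(expand_matrix(seed), s)
    return (seed, t), (seed, s)          # (public key, secret key)


def sign(sk, msg: bytes, rng):
    """Honest Fiat-Shamir-with-aborts signing: resample y until z is small."""
    seed, s = sk
    A = expand_matrix(seed)
    while True:
        y = [rng.randint(-B, B) for _ in range(N)]
        c = challenge(matvec(A, y), msg)
        z = [yi + c * si for yi, si in zip(y, s)]
        if max(abs(zi) for zi in z) <= BOUND:   # abort otherwise; this hides s
            return c, z


def verify(pk, msg: bytes, sig) -> bool:
    seed, t = pk
    c, z = sig
    if len(z) != N or max(abs(zi) for zi in z) > BOUND:
        return False
    A = expand_matrix(seed)
    # A z - c t = A(y + c s) - c A s = A y, so the challenge recomputes.
    w = [(az - c * ti) % Q for az, ti in zip(matvec(A, z), t)]
    return challenge(w, msg) == c


# --- the substitution attack (hypothetical subverted implementation) ---------

def secret_bits(s):
    """Encode each s_i in {-1,0,1} as the two bits of s_i + 1."""
    return [b for si in s for b in ((si + 1) & 1, (si + 1) >> 1)]


def leak_slot(bb_key: bytes, sig):
    """PRF of the signature under big brother's key: (bit position, bit value)."""
    c, z = sig
    enc = c.to_bytes(2, "little") + b"".join((zi % Q).to_bytes(4, "little") for zi in z)
    d = hmac.new(bb_key, enc, hashlib.sha256).digest()
    return d[0] % (2 * N), d[1] & 1


def subverted_sign(sk, msg: bytes, rng, bb_key: bytes):
    """Biased-randomness ASA: produce honest signatures until the PRF-selected
    slot of the signature agrees with the true key bit (about two tries)."""
    bits = secret_bits(sk[1])
    while True:
        sig = sign(sk, msg, rng)       # every candidate is a valid signature
        j, b = leak_slot(bb_key, sig)
        if b == bits[j]:
            return sig


def extract(bb_key: bytes, sigs):
    """Key extraction: big brother reads one key bit per observed signature."""
    rec = [None] * (2 * N)
    for sig in sigs:
        j, b = leak_slot(bb_key, sig)
        rec[j] = b
    if None in rec:
        return None
    return [rec[2 * i] + 2 * rec[2 * i + 1] - 1 for i in range(N)]


def demo(seed: int = 1, n_sigs: int = 600):
    rng = random.Random(seed)          # seeded so the run is reproducible
    pk, sk = keygen(rng)
    bb_key = rng.getrandbits(256).to_bytes(32, "little")  # baked into the signer
    msgs = [f"message {i}".encode() for i in range(n_sigs)]  # constructed inputs
    sigs = [subverted_sign(sk, m, rng, bb_key) for m in msgs]
    return (
        verify(pk, msgs[0], sign(sk, msgs[0], rng)),          # honest sig verifies
        all(verify(pk, m, sg) for m, sg in zip(msgs, sigs)),  # subverted ones too
        extract(bb_key, sigs) == sk[1],                       # big brother recovers s
        extract(b"wrong key", sigs) == sk[1],                 # nobody else does
    )
```

The channel lives entirely in the choice of the nonce y, which is why the signatures stay valid and, given a pseudorandom PRF, statistically indistinguishable from honest ones. The practitioner's check against this class of subversion is deterministic signing (y derived from the secret key and the message), because an independent reference implementation can then recompute the signature and compare; the paper's own deterrence mechanism, public key leakage from two signatures via DAPS, is a different countermeasure and is not modelled here.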
Key words: algorithm substitution attack / double authentication preventing signatures / lattice / ring-SIS (small integer solution) problem
Biography: LIU Jinhui, female, Ph.D., research direction: information security and cryptography. E-mail: jh.liu6666@nwpu.edu.cn
Foundation item: Supported by the National Natural Science Foundation of China (61802239, 61872229, 62062019, 62074131) , Key Research and Development Program of Shaanxi Province (2020ZDLGY09-06, 2021ZDLGY06-04, 2021ZDLGY05-01) , Natural Science Basic Research Plan in Shaanxi Province (2019JQ-667, 2020JQ-422) , and Shenzhen Fundamental Research Program (20210317191843003)
© Wuhan University 2022
This is an Open Access article distributed under the terms of the Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.