TY - JOUR
T1 - Key Substitution Attacks on Lattice Signature Schemes Based on SIS Problem
AU - An, Youngjoo
AU - Lee, Hyang Sook
AU - Lee, Juhee
AU - Lim, Seongan
N1 - Publisher Copyright: © 2018 Youngjoo An et al.
PY - 2018
Y1 - 2018
N2 - The notion of key substitution security for digital signatures in the multiuser setting was proposed by Menezes and Smart in 2004. Along with the unforgeability of signatures, key substitution security is very important, since it is a critical requirement for the nonrepudiation and the authentication of a signature. Lattice-based signatures are a promising candidate for post-quantum cryptography, and the unforgeability of each scheme has been relatively well studied. In this paper, we present key substitution attacks on BLISS, Lyubashevsky's signature scheme, and GPV and thus show that these signature schemes do not provide nonrepudiation. We also suggest how to avoid key substitution attacks on these schemes.
AB - The notion of key substitution security for digital signatures in the multiuser setting was proposed by Menezes and Smart in 2004. Along with the unforgeability of signatures, key substitution security is very important, since it is a critical requirement for the nonrepudiation and the authentication of a signature. Lattice-based signatures are a promising candidate for post-quantum cryptography, and the unforgeability of each scheme has been relatively well studied. In this paper, we present key substitution attacks on BLISS, Lyubashevsky's signature scheme, and GPV and thus show that these signature schemes do not provide nonrepudiation. We also suggest how to avoid key substitution attacks on these schemes.
UR - http://www.scopus.com/inward/record.url?scp=85056532483&partnerID=8YFLogxK
U2 - 10.1155/2018/8525163
DO - 10.1155/2018/8525163
M3 - Article
AN - SCOPUS:85056532483
SN - 1939-0114
VL - 2018
JO - Security and Communication Networks
JF - Security and Communication Networks
M1 - 8525163
ER -