Welcome to the resource topic for 2025/2096
Title:
Laser Fault Injection Attack on the eXtended Merkle Signature Scheme
Authors: Alexander Wagner, Marc Schink, Silvan Streit, Dominik Klein, Sven Freud
Abstract:The interest in hash-based signatures (HBS) has increased since the need for post-quantum cryptography (PQC) emerged that could withstand attacks by quantum computers. Since their standardization, stateful HBS algorithms have been deployed in several products ranging from embedded devices up to servers.
In practice, they are most applicable to verify the integrity and authenticity of data that rarely changes, such as the firmware of embedded devices. The verification procedure then takes place during a secure boot or firmware update process. In past works, the research community has investigated hardware and software optimizations for this use case and vendors brought forward products.
In this study, we practically evaluate a fault attack on the Winternitz One-Time Signature (WOTS) scheme. The attack can be mounted on different HBS schemes, such as LMS, XMSS, and SPHINCS+. Both, the verification as well as the signing operation can be targeted.
The study describes the preparation and implementation of the attack on a standard microcontroller as well as the difficulties the attacker has to overcome. Additionally it presents a countermeasure, which is easy to implement and can increase the effort for an attacker significantly.
ePrint: https://eprint.iacr.org/2025/2096
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .