[Resource Topic] 2025/378: Side-Channel and Fault Injection Attacks on VOLEitH Signature Schemes: A Case Study of Masked FAEST

Welcome to the resource topic for 2025/378

Title:
Side-Channel and Fault Injection Attacks on VOLEitH Signature Schemes: A Case Study of Masked FAEST

Authors: Sönke Jendral, Elena Dubrova

Abstract:

Ongoing efforts to transition to post-quantum secure public-key cryptosystems have created the need for algorithms with a variety of performance characteristics and security assumptions. Among the candidates in NIST's post-quantum standardisation process for additional digital signatures is FAEST, a Vector Oblivious Linear Evaluation in-the-Head (VOLEitH)-based scheme, whose security relies on the one-wayness of the Advanced Encryption Standard (AES). The VOLEitH paradigm enables competitive performance and signature sizes under conservative security assumptions. However, since it was introduced recently, in 2023, its resistance to physical attacks has not yet been analysed. In this paper, we present the first security analysis of VOLEitH-based signature schemes in the context of side-channel and fault injection attacks. We demonstrate four practical attacks on a masked implementation of FAEST on ARM Cortex-M4 capable of recovering the full secret key with high probability (greater than 0.87) from a single signature. These attacks exploit vulnerabilities of components specific to VOLEitH schemes and FAEST, such as the all-but-one vector commitments, VOLE generation, and AES proof generation. Finally, we propose countermeasures to mitigate these attacks and enhance the physical security of VOLEitH-based signature schemes.

ePrint: https://eprint.iacr.org/2025/378

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.