Overview
Explore a comprehensive analysis of the security of hedged Fiat-Shamir signatures under fault attacks in this 25-minute conference talk presented at Eurocrypt 2020. Delve into the paper by Diego F. Aranha, Claudio Orlandi, Akira Takahashi, and Greg Zaverucha, which examines the vulnerabilities of deterministic randomness generation in signature schemes. Investigate various fault adversary types, including special soundness attacks and large randomness bias attacks. Learn about the proposed countermeasure of randomness hedging and its implications for signature security. Gain insights into the researchers' approach, modeling of fault attackers, and security proof overview. Discover the positive and negative results of their study, with specific focus on XEDSA and Picnic signature schemes. Enhance your understanding of cryptographic signature security and fault attack mitigation strategies in this informative presentation.
Syllabus
Intro
This Talk in a Nutshell...
Signature from Canonical ID Protocol
Sensitivity of Per-signature Randomness
Randomness Failure in Practice
Popular Solution: Deterministic Randomness Generation
Deterministic FS is Vulnerable to Faults!
Fault Adversary Type I: Special Soundness Attack
Fault Adversary Type II: Large Randomness Bias Attack
Better Countermeasure? - Randomness Hedging
Contributions
Approach
Modeling Fault Attackers
Security Proof Overview
Overview of Our Results
Negative Results
XEDSA and Picnic
Conclusion
Taught by
TheIACR