Organizer: Stefanie Kettler, TU Darmstadt

Abstract

In this work, we present two fault attacks against MPCitH-based signature schemes: we present a key recovery attack and a signature forgery attack, both of which only need a single successful fault injection to succeed. We analyze all five MPCitH-based schemes which are currently analyzed in round 2 of NIST's additional signature standardization process: Mirath, MQOM, PERK, RYDE, and SDitH. Our analysis shows that all five schemes are vulnerable to at least one of the attacks. We validate the practicality of our attacks using the ChipWhisperer setup and discuss countermeasures to prevent the attacks.

Speaker Bio

Jan Brinkmann is a PhD student at the Chair for Data Security and Cryptography at University of Regensburg, supervised by Juliane Krämer. His research interests include the physical security of PQC primitives, such as fault attacks and side-channel attacks. Before that, he studied IT-Security at Ruhr-University of Bochum and graduated with a Master of Science in 2022.