Fault Attacks on MPCitH Signature Schemes
摘要
In this work, we present two fault attacks against MPCitH-based signature schemes: we present a key-recovery attack and a signature-forgery attack, both of which only need a single successful fault injection to succeed. Focusing on Mirath and RYDE, we provide a detailed analysis of their behavior under the fault attacks presented. In addition, we evaluate the applicability of the same attacks to the other MPCitH-based candidates from round 2 of the NIST signature standardization process (FAEST, MQOM, PERK, and SDitH). Our analysis shows that all six schemes are vulnerable to at least one of the attacks. We validate the practicality of our attacks using the ChipWhisperer setup and discuss countermeasures to prevent the attacks.