Simple Power Analysis Attack on SQIsign

Anisha Mukherjee; Maciej Czuprynko; David Jacquemin; Péter  Kutas; Sujoy Sinha Roy

Simple Power Analysis Attack on SQIsign

Anisha Mukherjee, Maciej Czuprynko, David Jacquemin, Péter Kutas, Sujoy Sinha Roy

Institute of Information Security (7050)

Publikation: Beitrag in Buch/Bericht/Konferenzband › Beitrag in einem Konferenzband › Begutachtung

Abstract

The isogeny-based post-quantum digital signature algorithm SQIsign offers the most compact key and signature sizes among all candidates in the ongoing NIST call for additional post-quantum signature algorithms. To the best of our knowledge, we present the first Simple Power Analysis (SPA) side-channel attack on SQIsign, demonstrating its feasibility for key recovery.
Our attack specifically targets secret-dependent computations within Cornacchia's algorithm, a fundamental component of SQIsign's quaternion module. At the core of this algorithm, a secret-derived yet ephemeral exponent is used in a modular exponentiation subroutine. By performing SPA on the modular exponentiation, we successfully recover this ephemeral exponent. We then develop a method to show how this leaked exponent can be exploited to ultimately reconstruct the secret signing key of SQIsign.
Our findings emphasize the critical need for side-channel-resistant implementations of SQIsign, highlighting previously unexplored vulnerabilities in its design.

Originalsprache	englisch
Titel	Africacrypt 2025
Publikationsstatus	Angenommen/In Druck - 2025
Veranstaltung	16th International Conference on Cryptology, Progress in Cryptology - AFRICACRYPT 2025 - Rabat, Marokko Dauer: 21 Juli 2025 → 23 Juli 2025

Konferenz

Konferenz	16th International Conference on Cryptology, Progress in Cryptology - AFRICACRYPT 2025
Kurztitel	AFRICACRYPT 2025
Land/Gebiet	Marokko
Ort	Rabat
Zeitraum	21/07/25 → 23/07/25

Fields of Expertise

Information, Communication & Computing

Zugriff auf Dokument

https://eprint.iacr.org/2025/830Lizenz: CC BY 4.0

FWF - ISOCrystals - Sichere und effiziente Isogenese-basierte Kryptographie in Hardware
Sinha Roy, S. (Teilnehmer (Co-Investigator))
3/06/24 → 2/12/27
Projekt: Forschungsprojekt

Dieses zitieren

@inproceedings{f12788b1da05412083df9c1541aaafba,

title = "Simple Power Analysis Attack on SQIsign",

abstract = "The isogeny-based post-quantum digital signature algorithm SQIsign offers the most compact key and signature sizes among all candidates in the ongoing NIST call for additional post-quantum signature algorithms. To the best of our knowledge, we present the first Simple Power Analysis (SPA) side-channel attack on SQIsign, demonstrating its feasibility for key recovery.Our attack specifically targets secret-dependent computations within Cornacchia's algorithm, a fundamental component of SQIsign's quaternion module. At the core of this algorithm, a secret-derived yet ephemeral exponent is used in a modular exponentiation subroutine. By performing SPA on the modular exponentiation, we successfully recover this ephemeral exponent. We then develop a method to show how this leaked exponent can be exploited to ultimately reconstruct the secret signing key of SQIsign.Our findings emphasize the critical need for side-channel-resistant implementations of SQIsign, highlighting previously unexplored vulnerabilities in its design.",

author = "Anisha Mukherjee and Maciej Czuprynko and David Jacquemin and P{\'e}ter Kutas and {Sinha Roy}, Sujoy",

year = "2025",

language = "English",

booktitle = "Africacrypt 2025",

note = "16th International Conference on Cryptology, Progress in Cryptology - AFRICACRYPT 2025, AFRICACRYPT 2025 ; Conference date: 21-07-2025 Through 23-07-2025",

}

TY - GEN

T1 - Simple Power Analysis Attack on SQIsign

AU - Mukherjee, Anisha

AU - Czuprynko, Maciej

AU - Jacquemin, David

AU - Kutas, Péter

AU - Sinha Roy, Sujoy

PY - 2025

Y1 - 2025

N2 - The isogeny-based post-quantum digital signature algorithm SQIsign offers the most compact key and signature sizes among all candidates in the ongoing NIST call for additional post-quantum signature algorithms. To the best of our knowledge, we present the first Simple Power Analysis (SPA) side-channel attack on SQIsign, demonstrating its feasibility for key recovery.Our attack specifically targets secret-dependent computations within Cornacchia's algorithm, a fundamental component of SQIsign's quaternion module. At the core of this algorithm, a secret-derived yet ephemeral exponent is used in a modular exponentiation subroutine. By performing SPA on the modular exponentiation, we successfully recover this ephemeral exponent. We then develop a method to show how this leaked exponent can be exploited to ultimately reconstruct the secret signing key of SQIsign.Our findings emphasize the critical need for side-channel-resistant implementations of SQIsign, highlighting previously unexplored vulnerabilities in its design.

AB - The isogeny-based post-quantum digital signature algorithm SQIsign offers the most compact key and signature sizes among all candidates in the ongoing NIST call for additional post-quantum signature algorithms. To the best of our knowledge, we present the first Simple Power Analysis (SPA) side-channel attack on SQIsign, demonstrating its feasibility for key recovery.Our attack specifically targets secret-dependent computations within Cornacchia's algorithm, a fundamental component of SQIsign's quaternion module. At the core of this algorithm, a secret-derived yet ephemeral exponent is used in a modular exponentiation subroutine. By performing SPA on the modular exponentiation, we successfully recover this ephemeral exponent. We then develop a method to show how this leaked exponent can be exploited to ultimately reconstruct the secret signing key of SQIsign.Our findings emphasize the critical need for side-channel-resistant implementations of SQIsign, highlighting previously unexplored vulnerabilities in its design.

M3 - Conference paper

BT - Africacrypt 2025

T2 - 16th International Conference on Cryptology, Progress in Cryptology - AFRICACRYPT 2025

Y2 - 21 July 2025 through 23 July 2025

ER -

Simple Power Analysis Attack on SQIsign

Abstract

Konferenz

Fields of Expertise

Zugriff auf Dokument

Fingerprint

Projekte

FWF - ISOCrystals - Sichere und effiziente Isogenese-basierte Kryptographie in Hardware

Dieses zitieren