Simple Power Analysis Attack on SQIsign

Anisha Mukherjee; Maciej Czuprynko; David Jacquemin; Péter  Kutas; Sujoy Sinha Roy

doi:10.1007/978-3-031-97260-7_12

Simple Power Analysis Attack on SQIsign

Anisha Mukherjee
, Maciej Czuprynko
, David Jacquemin
, Péter Kutas
, Sujoy Sinha Roy

Institute of Information Security (7050)

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Abstract

The isogeny-based post-quantum digital signature algorithm SQIsign offers the most compact key and signature sizes among all candidates in the ongoing NIST call for additional post-quantum signature algorithms. To the best of our knowledge, we present the first Simple Power Analysis (SPA) side-channel attack on SQIsign, demonstrating its feasibility for key recovery.
Our attack specifically targets secret-dependent computations within Cornacchia's algorithm, a fundamental component of SQIsign's quaternion module. At the core of this algorithm, a secret-derived yet ephemeral exponent is used in a modular exponentiation subroutine. By performing SPA on the modular exponentiation, we successfully recover this ephemeral exponent. We then develop a method to show how this leaked exponent can be exploited to ultimately reconstruct the secret signing key of SQIsign.
Our findings emphasize the critical need for side-channel-resistant implementations of SQIsign, highlighting previously unexplored vulnerabilities in its design.

Original language	English
Title of host publication	Progress in Cryptology - AFRICACRYPT 2025
Subtitle of host publication	16th International Conference on Cryptology in Africa, Rabat, Morocco, July 21–23, 2025, Proceedings
Editors	Abderrahmane Nitaj, Svetla Petkova-Nikova, Vincent Rijmen
Pages	245–269
Number of pages	25
ISBN (Electronic)	978-3-031-97260-7
DOIs	https://doi.org/10.1007/978-3-031-97260-7_12
Publication status	Published - 2 Jul 2025
Event	16th International Conference on Cryptology, Progress in Cryptology - AFRICACRYPT 2025 - Rabat, Morocco Duration: 21 Jul 2025 → 23 Jul 2025

Publication series

Name	Lecture Notes in Computer Science
Volume	15651 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	16th International Conference on Cryptology, Progress in Cryptology - AFRICACRYPT 2025
Abbreviated title	AFRICACRYPT 2025
Country/Territory	Morocco
City	Rabat
Period	21/07/25 → 23/07/25

Keywords

Isogeny
PQC
Side-Channel Analysis
SQIsign

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Fields of Expertise

Information, Communication & Computing

Access to Document

10.1007/978-3-031-97260-7_12

Cite this

Mukherjee, A., Czuprynko, M., Jacquemin, D., Kutas, P., & Sinha Roy, S. (2025). Simple Power Analysis Attack on SQIsign. In A. Nitaj, S. Petkova-Nikova, & V. Rijmen (Eds.), Progress in Cryptology - AFRICACRYPT 2025: 16th International Conference on Cryptology in Africa, Rabat, Morocco, July 21–23, 2025, Proceedings (pp. 245–269). (Lecture Notes in Computer Science; Vol. 15651 LNCS). https://doi.org/10.1007/978-3-031-97260-7_12

Simple Power Analysis Attack on SQIsign. / Mukherjee, Anisha ; Czuprynko, Maciej; Jacquemin, David et al.
Progress in Cryptology - AFRICACRYPT 2025: 16th International Conference on Cryptology in Africa, Rabat, Morocco, July 21–23, 2025, Proceedings. ed. / Abderrahmane Nitaj; Svetla Petkova-Nikova; Vincent Rijmen. 2025. p. 245–269 (Lecture Notes in Computer Science; Vol. 15651 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Mukherjee, A , Czuprynko, M, Jacquemin, D, Kutas, P & Sinha Roy, S 2025, Simple Power Analysis Attack on SQIsign. in A Nitaj, S Petkova-Nikova & V Rijmen (eds), Progress in Cryptology - AFRICACRYPT 2025: 16th International Conference on Cryptology in Africa, Rabat, Morocco, July 21–23, 2025, Proceedings. Lecture Notes in Computer Science, vol. 15651 LNCS, pp. 245–269, 16th International Conference on Cryptology, Progress in Cryptology - AFRICACRYPT 2025, Rabat, Morocco, 21/07/25. https://doi.org/10.1007/978-3-031-97260-7_12

Mukherjee A , Czuprynko M, Jacquemin D, Kutas P, Sinha Roy S. Simple Power Analysis Attack on SQIsign. In Nitaj A, Petkova-Nikova S, Rijmen V, editors, Progress in Cryptology - AFRICACRYPT 2025: 16th International Conference on Cryptology in Africa, Rabat, Morocco, July 21–23, 2025, Proceedings. 2025. p. 245–269. (Lecture Notes in Computer Science). doi: 10.1007/978-3-031-97260-7_12

Mukherjee, Anisha ; Czuprynko, Maciej ; Jacquemin, David et al. / Simple Power Analysis Attack on SQIsign. Progress in Cryptology - AFRICACRYPT 2025: 16th International Conference on Cryptology in Africa, Rabat, Morocco, July 21–23, 2025, Proceedings. editor / Abderrahmane Nitaj ; Svetla Petkova-Nikova ; Vincent Rijmen. 2025. pp. 245–269 (Lecture Notes in Computer Science).

@inproceedings{f12788b1da05412083df9c1541aaafba,

title = "Simple Power Analysis Attack on SQIsign",

abstract = "The isogeny-based post-quantum digital signature algorithm SQIsign offers the most compact key and signature sizes among all candidates in the ongoing NIST call for additional post-quantum signature algorithms. To the best of our knowledge, we present the first Simple Power Analysis (SPA) side-channel attack on SQIsign, demonstrating its feasibility for key recovery. Our attack specifically targets secret-dependent computations within Cornacchia's algorithm, a fundamental component of SQIsign's quaternion module. At the core of this algorithm, a secret-derived yet ephemeral exponent is used in a modular exponentiation subroutine. By performing SPA on the modular exponentiation, we successfully recover this ephemeral exponent. We then develop a method to show how this leaked exponent can be exploited to ultimately reconstruct the secret signing key of SQIsign. Our findings emphasize the critical need for side-channel-resistant implementations of SQIsign, highlighting previously unexplored vulnerabilities in its design.",

keywords = "Isogeny, PQC, Side-Channel Analysis, SQIsign",

author = "Anisha Mukherjee and Maciej Czuprynko and David Jacquemin and P{\'e}ter Kutas and \{Sinha Roy\}, Sujoy",

year = "2025",

month = jul,

day = "2",

doi = "10.1007/978-3-031-97260-7\_12",

language = "English",

isbn = "978-3-031-97259-1",

series = "Lecture Notes in Computer Science",

pages = "245–269",

editor = "Abderrahmane Nitaj and Svetla Petkova-Nikova and Vincent Rijmen",

booktitle = "Progress in Cryptology - AFRICACRYPT 2025",

note = "16th International Conference on Cryptology, Progress in Cryptology - AFRICACRYPT 2025, AFRICACRYPT 2025 ; Conference date: 21-07-2025 Through 23-07-2025",

}

TY - GEN

T1 - Simple Power Analysis Attack on SQIsign

AU - Mukherjee, Anisha

AU - Czuprynko, Maciej

AU - Jacquemin, David

AU - Kutas, Péter

AU - Sinha Roy, Sujoy

PY - 2025/7/2

Y1 - 2025/7/2

N2 - The isogeny-based post-quantum digital signature algorithm SQIsign offers the most compact key and signature sizes among all candidates in the ongoing NIST call for additional post-quantum signature algorithms. To the best of our knowledge, we present the first Simple Power Analysis (SPA) side-channel attack on SQIsign, demonstrating its feasibility for key recovery. Our attack specifically targets secret-dependent computations within Cornacchia's algorithm, a fundamental component of SQIsign's quaternion module. At the core of this algorithm, a secret-derived yet ephemeral exponent is used in a modular exponentiation subroutine. By performing SPA on the modular exponentiation, we successfully recover this ephemeral exponent. We then develop a method to show how this leaked exponent can be exploited to ultimately reconstruct the secret signing key of SQIsign. Our findings emphasize the critical need for side-channel-resistant implementations of SQIsign, highlighting previously unexplored vulnerabilities in its design.

AB - The isogeny-based post-quantum digital signature algorithm SQIsign offers the most compact key and signature sizes among all candidates in the ongoing NIST call for additional post-quantum signature algorithms. To the best of our knowledge, we present the first Simple Power Analysis (SPA) side-channel attack on SQIsign, demonstrating its feasibility for key recovery. Our attack specifically targets secret-dependent computations within Cornacchia's algorithm, a fundamental component of SQIsign's quaternion module. At the core of this algorithm, a secret-derived yet ephemeral exponent is used in a modular exponentiation subroutine. By performing SPA on the modular exponentiation, we successfully recover this ephemeral exponent. We then develop a method to show how this leaked exponent can be exploited to ultimately reconstruct the secret signing key of SQIsign. Our findings emphasize the critical need for side-channel-resistant implementations of SQIsign, highlighting previously unexplored vulnerabilities in its design.

KW - Isogeny

KW - PQC

KW - Side-Channel Analysis

KW - SQIsign

UR - https://www.scopus.com/pages/publications/105011364817

U2 - 10.1007/978-3-031-97260-7_12

DO - 10.1007/978-3-031-97260-7_12

M3 - Conference paper

SN - 978-3-031-97259-1

T3 - Lecture Notes in Computer Science

SP - 245

EP - 269

BT - Progress in Cryptology - AFRICACRYPT 2025

A2 - Nitaj, Abderrahmane

A2 - Petkova-Nikova, Svetla

A2 - Rijmen, Vincent

T2 - 16th International Conference on Cryptology, Progress in Cryptology - AFRICACRYPT 2025

Y2 - 21 July 2025 through 23 July 2025

ER -

Simple Power Analysis Attack on SQIsign

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Fields of Expertise

Access to Document

Other files and links

Fingerprint

FWF - ISOCrystals - Secure and Efficient Isogeny-based Cryptography in Hardware