A Key-Recovery Attack on a Leaky SeaSign Variant

CryptoDB

A Key-Recovery Attack on a Leaky SeaSign Variant

Authors:	Shai Levin , University of Auckland
Download:	DOI: 10.62056/a3c39qgxq URL: https://cic.iacr.org/p/1/4/14 Search ePrint Search Google
Abstract:	We present a key-recovery attack on a variant of the SeaSign signature scheme presented by [Kim24], which attempts to avoid rejection sampling by presampling vectors f such that the f-e is contained in an acceptable bound, where e is the secret key. We show that this choice leads to a bias of these vectors such that, in a small number of signatures, the secret key can either be completely recovered or its keyspace substantially reduced. In particular, given 20 signatures, with parameter set II of their paper, the attack reduces the private key to 128 possibilities.

BibTeX

@article{cic-2025-34907,
  title={A Key-Recovery Attack on a Leaky SeaSign Variant},
  journal={cic},
  publisher={International Association for Cryptologic Research},
  volume={1, Issue 4},
  url={https://cic.iacr.org/p/1/4/14},
  doi={10.62056/a3c39qgxq},
  author={Shai Levin},
  year=2025
}

International Association for Cryptologic Research

International Associationfor Cryptologic Research

CryptoDB

A Key-Recovery Attack on a Leaky SeaSign Variant

BibTeX

International Association
for Cryptologic Research