Simple Power Analysis Attack on SQIsign

Anisha Mukherjee, Maciej Czuprynko, David Jacquemin, Péter Kutas, Sujoy Sinha Roy

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review

Abstract

The isogeny-based post-quantum digital signature algorithm SQIsign offers the most compact key and signature sizes among all candidates in the ongoing NIST call for additional post-quantum signature algorithms. To the best of our knowledge, we present the first Simple Power Analysis (SPA) side-channel attack on SQIsign, demonstrating its feasibility for key recovery.
Our attack specifically targets secret-dependent computations within Cornacchia's algorithm, a fundamental component of SQIsign's quaternion module. At the core of this algorithm, a secret-derived yet ephemeral exponent is used in a modular exponentiation subroutine. By performing SPA on the modular exponentiation, we successfully recover this ephemeral exponent. We then develop a method to show how this leaked exponent can be exploited to ultimately reconstruct the secret signing key of SQIsign.
Our findings emphasize the critical need for side-channel-resistant implementations of SQIsign, highlighting previously unexplored vulnerabilities in its design.
Original languageEnglish
Title of host publicationAfricacrypt 2025
Publication statusAccepted/In press - 2025
Event16th International Conference on Cryptology, Progress in Cryptology - AFRICACRYPT 2025 - Rabat, Morocco
Duration: 21 Jul 202523 Jul 2025

Conference

Conference16th International Conference on Cryptology, Progress in Cryptology - AFRICACRYPT 2025
Abbreviated titleAFRICACRYPT 2025
Country/TerritoryMorocco
CityRabat
Period21/07/2523/07/25

Fields of Expertise

  • Information, Communication & Computing

Fingerprint

Dive into the research topics of 'Simple Power Analysis Attack on SQIsign'. Together they form a unique fingerprint.

Cite this