• [digest] 2025 Week 21 (1/3)

    From IACR ePrint Archive@21:1/5 to All on Mon May 26 02:32:18 2025
    ## In this issue

    1. [2024/758] Admissible Parameters for the Crossbred Algorithm ...
    2. [2025/253] Adaptively Secure IBE from Lattices with ...
    3. [2025/885] Fast Fuzzy PSI from Symmetric-Key Techniques
    4. [2025/887] Adaptively Secure Blockchain-Aided Decentralized ...
    5. [2025/892] Practical cryptanalysis of pseudorandom correlation ...
    6. [2025/893] MacaKey: Full-State Keyed Sponge Meets the ...
    7. [2025/894] Achieving "beyond CCA1" security for linearly ...
    8. [2025/898] A New Approach for LPN-based Pseudorandom ...
    9. [2025/899] Improved Noise Bound in BFV Homomorphic Encryption ...
    10. [2025/900] Exclusive Ownership of Fiat-Shamir Signatures: ML- ...
    11. [2025/901] A Generic Framework for Practical Lattice-Based ...
    12. [2025/902] On the Fiat–Shamir Security of Succinct Arguments ...
    13. [2025/903] Rock and a Hard Place: Attack Hardness in Neural ...
    14. [2025/904] The Security of ML-DSA against Fault-Injection Attacks
    15. [2025/905] Authenticated Key Exchange Protocol with Remote ...
    16. [2025/906] Covert Attacks on Machine Learning Training in ...
    17. [2025/907] New Framework for Structure-Aware PSI From ...
    18. [2025/908] SubLogarithmic Linear Time SNARKs from Compressed ...
    19. [2025/909] Energy Consumption Framework and Analysis of Post- ...
    20. [2025/910] Robust Threshold ECDSA with Online-Friendly Design ...
    21. [2025/911] Fuzzy Private Set Intersection from VOLE
    22. [2025/912] Enforcing arbitrary constraints on Bitcoin transactions
    23. [2025/913] Hidden Number Problems in Fiat-Shamir based Post- ...
    24. [2025/914] Tweakable Permutation-based Luby-Rackoff Constructions
    25. [2025/915] Improved differential cryptanalysis of SPEEDY
    26. [2025/916] Automated Verification of Consistency in Zero- ...
    27. [2025/917] Jagged Polynomial Commitments (or: How to Stack ...
    28. [2025/918] The Accidental Computer: Polynomial Commitments ...
    29. [2025/919] Rep3 Reloaded: On the Cost of Function-Dependent ...
    30. [2025/920] SQIsign2D$^2$: New SQIsign2D Variant by Leveraging ...
    31. [2025/921] Zero-knowledge Authenticator for Blockchain: ...
    32. [2025/922] $\mathsf{HyperWolf}$: Efficient Polynomial ...
    33. [2025/923] SPECK: Signatures from Permutation Equivalence of ...
    34. [2025/924] Card-Based Protocol Counting Connected Components ...
    35. [2025/925] SCMAC and LOL2.0: An AEAD Design Framework and A ...
    36. [2025/926] Polocolo: A ZK-Friendly Hash Function Based on ...
    37. [2025/927] Enhancing Meme Token Market Transparency: A Multi- ...
    38. [2025/928] HAWK: Having Automorphisms Weakens Key
    39. [2025/929] The DROP Protocol: Dispute Resolution via ...
    40. [2025/930] SEEC: Memory Safety Meets Efficiency in Secure Two- ...
    41. [2025/931] Multivalued Broadcast with Optimal Length
    42. [2025/932] Integral cryptanalysis in characteristic $p$
    43. [2025/933] Fast elliptic curve scalar multiplications in ...
    44. [2025/934] Diving Deep Into UC: Uncovering and Resolving ...
    45. [2025/935] Side-channel safe conditional moves and swaps
    46. [2025/936] Justvengers: Batched VOLE ZK Disjunctions in ...
    47. [2025/937] Attacking Poseidon via Graeffe-Based Root-Finding ...
    48. [2025/938] PSYLOCKE: Provably Secure Logic Locking with ...
    49. [2025/939] On the security of one certificateless aggregate ...
    50. [2025/940] Special Genera of Hermitian Lattices and ...
    51. [2025/941] Proof of Exponentiation: Enhanced Prover Efficiency ...
    52. [2025/942] On the (in)security of Proofs-of-Space based ...
    53. [2025/943] On the Adaptive Security of Key-Unique Threshold ...
    54. [2025/944] Succinct Witness Encryption for Batch Languages and ...

    ## 2024/758

    * Title: Admissible Parameters for the Crossbred Algorithm and Semi-regular Sequences over Finite Fields
    * Authors: John Baena, Daniel Cabarcas, Sharwan K. Tiwari, Javier Verbel, Luis Villota
    * [Permalink](https://eprint.iacr.org/2024/758)
    * [Download](https://eprint.iacr.org/2024/758.pdf)

    ### Abstract

    Multivariate public key cryptography (MPKC) is one of the most promising alternatives to build quantum-resistant signature schemes, as evidenced in NIST's call for additional post-quantum signature schemes. The main assumption in MPKC is the hardness of
    the Multivariate Quadratic (MQ) problem, which seeks a common root of a system of quadratic polynomials over a finite field. Although the Crossbred algorithm is among the most efficient algorithms to solve MQ over small fields, its complexity analysis
    stands on shaky ground. In particular, it is not clear for what parameters it works and under what assumptions.
    In this work, we provide a rigorous analysis of the Crossbred algorithm over any finite field. We provide a complete explanation of the series of admissible parameters proposed in previous literature and explicitly state the regularity assumptions
    required for its validity. Moreover, we show that the series does not tell the whole story, hence we propose an additional condition for Crossbred to work. Additionally, we define and characterize a notion of regularity for systems over a small field,
    which is one of the main building blocks in the series of admissible parameters.



    ## 2025/253

    * Title: Adaptively Secure IBE from Lattices with Asymptotically Better Efficiency
    * Authors: Weidan Ji, Zhedong Wang, Lin Lyu, Dawu Gu
    * [Permalink](https://eprint.iacr.org/2025/253)
    * [Download](https://eprint.iacr.org/2025/253.pdf)

    ### Abstract

    Current adaptively secure identity-based encryption (IBE) constructions from lattices are unable to achieve a good balance among the master public key size, secret key size, modulus and reduction loss. All existing lattice-based IBE schemes share a
    common restriction: the modulus is quadratic in the trapdoor norm.
    In this work, we remove this restriction and present a new adaptively secure IBE scheme from lattices in the standard model, which improves the state-of-the-art construction proposed by Abla et al. (TCC 2021) and achieves asymptotically better efficiency.
    More precisely, we achieve the asymptotically minimal number of public vectors among all the existing schemes, along with a significantly smaller modulus compared to the scheme by Abla et al. (TCC 2021). Furthermore, our scheme enjoys the smallest
    Gaussian width of the secret key among all existing schemes and has the same tightness as Abla et al.'s scheme.
    We propose a novel cross-multiplication design for our IBE scheme, along with several novel tools and techniques, including: (a) a homomorphic computation algorithm that outputs BGG+-style encoding with two distinct-norm trapdoors; (b) a sampling
    algorithm with hybrid Gaussian outputs; and (c) a partial rerandomization algorithm. These new tools and techniques are general and could find rich applications in lattice-based cryptography.



    ## 2025/885

    * Title: Fast Fuzzy PSI from Symmetric-Key Techniques
    * Authors: Cong Zhang, Yu Chen, Yang Cao, Yujie Bai, Shuaishuai Li, Juntong Lin, Anyu Wang, Xiaoyun Wang
    * [Permalink](https://eprint.iacr.org/2025/885)
    * [Download](https://eprint.iacr.org/2025/885.pdf)

    ### Abstract

    Private set intersection (PSI) enables a sender holding a set $Q$ and a receiver holding a set $W$ to securely compute the intersection $Q\cap W$. Fuzzy PSI (FPSI) is a PSI variant where the receiver learns the items $q\in Q$ for which there exists
    $w\in W$ such that $\mathrm{dist}(q, w) \leq \delta$ with respect to some distance metric. Recently, Gao et al. (ASIACRYPT 2024) proposed the first FPSI protocols for $L_\infty$ and $L_{p\in[1,\infty)}$ distance with linear complexity. They summarized their FPSI
    construction into two steps: fuzzy mapping and fuzzy matching. However, their realizations of the two steps heavily rely on public key operations, namely the DH-key exchange and additively homomorphic encryption, resulting in low efficiency.

    In this work, we propose new FPSI protocols for $L_\infty$ and $L_{p\in[1,\infty)}$ distances, primarily leveraging symmetric-key primitives.
    We revisit the definition of fuzzy mapping and rigorously redefine it as a cryptographic scheme. We further introduce consistency for the fuzzy mapping scheme, which simplifies the fuzzy matching step into plain PSI.
    We then demonstrate how to execute the fuzzy mapping step while satisfying consistency. We also propose several new techniques to completely avoid the burden of extensive, computationally expensive public-key operations inherent in existing solutions.

    We implement our FPSI protocols and compare them with the state-of-the-art FPSI protocols. Experiments show that our protocols perform better than the state of the art under all the parameters we tested. Specifically, our protocols achieve a
    $2.2-83.9 \times$ speedup in running time and $1.5-11.5 \times$ shrinking in communication cost, depending on set sizes, dimension and distance threshold.



    ## 2025/887

    * Title: Adaptively Secure Blockchain-Aided Decentralized Storage Networks: Formalization and Generic Construction
    * Authors: Xiangyu Su, Yuma Tamagawa, Mario Larangeira, Keisuke Tanaka
    * [Permalink](https://eprint.iacr.org/2025/887)
    * [Download](https://eprint.iacr.org/2025/887.pdf)

    ### Abstract

    This work revisits the current Decentralized Storage Network (DSN) definition to propose a novel general construction based on a UTxO-based ledger. To the best of our knowledge, this is the first adaptively secure UTxO blockchain-aided DSN. More
    concretely, we revisit the currently existing designs to thoroughly formalize the DSN definition and its security. Moreover, we present a general construction in which a client delegates data to a DSN that keeps custody of it during a jointly agreed period.
    Our newly proposed approach, leveraged by the Extended UTxO (EUTxO) Model, neatly allows the storage network to offer automatic verifiability, i.e., without any interaction of the data owner, via proofs published in the blockchain. In summary, this work
    presents a redesign of the DSN with the aid of an EUTxO-based blockchain, by (1) putting forth a formal and rigorous description of a blockchain-aided DSN protocol, (2) offering a thorough description of a practical EUTxO-based DSN, and (3) detailing a
    security analysis showing that our protocol is adaptively secure by providing (rational) security guarantees.



    ## 2025/892

    * Title: Practical cryptanalysis of pseudorandom correlation generators based on quasi-Abelian syndrome decoding
    * Authors: Charles Bouillaguet, Claire Delaplace, Mickaël Hamdad, Damien Vergnaud
    * [Permalink](https://eprint.iacr.org/2025/892)
    * [Download](https://eprint.iacr.org/2025/892.pdf)

    ### Abstract

    Quasi-Abelian Syndrome Decoding (QA-SD) is a recently introduced generalization of Ring-LPN that uses multivariate polynomial rings. As opposed to Ring-LPN, it enables the use of small finite fields such as GF(3) and GF(4). It was introduced by Bombar et
    al. (Crypto 2023) in order to obtain pseudorandom correlation generators for Beaver triples over small fields. This theoretical work was turned into a concrete and efficient protocol called F4OLEage by Bombar et al. (Asiacrypt 2024) that allows several
    parties to generate Beaver triples over GF(2).

    We propose efficient algorithms to solve the decoding problem underlying the QA-SD assumption. We observe that it reduces to a sparse multivariate polynomial interpolation problem over a small finite field where the adversary only has access to random
    evaluation points, a blind spot in the otherwise rich landscape of sparse multivariate interpolation. We develop new algorithms for this problem: using simple techniques we interpolate polynomials with up to two monomials. By sending the problem to the
    field of complex numbers and using convex optimization techniques inspired by the field of “compressed sensing”, we can interpolate polynomials with more terms.

    This enables us to break in practice parameters proposed by Bombar et al. at Crypto’23 and Asiacrypt’24 as well as Li et al. at Eurocrypt’25 (IACR flagship conferences Grand Slam). In the case of the F4OLEage protocol, our implementation recovers
    all the secrets in a few hours with probability 60%. This not only invalidates the security proofs, but it yields real-life privacy attacks against multiparty protocols using the Beaver triples generated by the broken pseudorandom correlation generators.



    ## 2025/893

    * Title: MacaKey: Full-State Keyed Sponge Meets the Summation-Truncation Hybrid
    * Authors: Charlotte Lefevre, Mario Marhuenda Beltrán
    * [Permalink](https://eprint.iacr.org/2025/893)
    * [Download](https://eprint.iacr.org/2025/893.pdf)

    ### Abstract

    The keyed sponge construction has benefited from various efficiency advancements over time, most notably leading to the possibility to absorb over the entire state, as in the full-state keyed sponge. However, squeezing has always remained limited to
    blocks smaller than the permutation size, as security is determined by the capacity c, the size of the non-squeezed state. In this work, we present Macakey, an improved version of the full-state keyed sponge that not only absorbs over the entire state
    but also squeezes over the entire state. The scheme combines ideas of the full-state keyed sponge with those of the summation-truncation hybrid of Gunsing and Mennink. We demonstrate that, with no sacrifice in generic security and using only c bits
    of extra storage, Macakey can significantly boost performance, particularly in scenarios requiring large amounts of output. For example, using the 320-bit Ascon permutation with a 256-bit capacity, Macakey outputs five times as many bits as the
    full-state keyed sponge.



    ## 2025/894

    * Title: Achieving "beyond CCA1" security for linearly homomorphic encryption, without SNARKs?
    * Authors: Marina Checri, Pierre-Emmanuel Clet, Marc Renard, Renaud Sirdey
    * [Permalink](https://eprint.iacr.org/2025/894)
    * [Download](https://eprint.iacr.org/2025/894.pdf)

    ### Abstract

    In the wake of Manulis and Nguyen's Eurocrypt'24 paper, new CCA security notions, vCCA and vCCAD, and associated construction blueprints have been proposed to leverage either CPA or CPAD secure FHE beyond the CCA1 security barrier. These two notions are
    the strongest CCA security notions so far achievable, respectively, by correct and approximate homomorphic schemes. However, the only known construction strategies intimately require advanced SNARK machinery, undermining their practicality. In this
    context, this paper is an attempt to achieve these advanced CCA security notions in the restricted case of linearly homomorphic encryption, without resorting to SNARKs. To do so, we investigate the relationship between the Linear-Only Homomorphism (LOH)
    assumption, an assumption that has been used for more than a decade at the core of several proof-of-knowledge constructions, and these two recent security notions (vCCA and vCCAD). On the bright side, when working under the correctness assumption, we
    establish that the LOH property is sufficient to achieve vCCA security in both the private and public key settings. In the public key setting, we further show that a surprisingly simple and previously known Paillier-based construction also achieves this
    level of security, at only twice the cost of the baseline scheme. We then turn our attention to LWE-based schemes for which the Pandora's box of decryption errors opens up. In the private key setting, we are able to achieve CPAD and vCCAD security but only
    in a fairly restrictive non-adaptive setting, in which vCCAD collapses onto a weak relaxation of CCA1. Finally, we eventually achieve adaptive vCCAD security provided that the number of ciphertexts given to the adversary is suitably restricted. While
    bridging the gap towards credible practicality requires further work, this is a first step towards obtaining linear homomorphic schemes achieving these recent CCA security notions by means only of relatively lightweight machinery.



    ## 2025/898

    * Title: A New Approach for LPN-based Pseudorandom Functions: Low-Depth and Key-Homomorphic
    * Authors: Youlong Ding, Aayush Jain, Ilan Komargodski
    * [Permalink](https://eprint.iacr.org/2025/898)
    * [Download](https://eprint.iacr.org/2025/898.pdf)

    ### Abstract

    We give new constructions of pseudorandom functions (PRFs) computable in $\mathsf{NC}^1$ from (variants of the) Learning Parity with Noise (LPN) assumption. Prior to our work, the only $\mathsf{NC}^1$-computable PRF from LPN-style assumptions was due to
    Boyle et al. (FOCS 2020) who constructed a weak PRF from a new heuristic variant of LPN called variable-density LPN. We give the following three results:
    (1) A weak PRF computable in $\mathsf{NC}^1$ from standard LPN.
    (2) A (strong) encoded-input PRF (EI-PRF) computable in $\mathsf{NC}^1$ from sparse LPN. An EI-PRF is a PRF whose input domain is restricted to an efficiently sampleable and recognizable set. The input encoding can be computed in
    $\mathsf{NC}^{1+\epsilon}$ for any constant $\epsilon > 0$, implying a strong PRF computable in $\mathsf{NC}^{1+\epsilon}$.
    (3) A (strong) PRF computable in $\mathsf{NC}^1$ from a (new, heuristic) seeded LPN assumption. In our assumption, columns of the public LPN matrix are generated by an $n$-wise independent distribution. Supporting evidence for the security of the
    assumption is given by showing resilience to linear tests.
    As a bonus, all of our PRF constructions are key-homomorphic, an algebraic property that is useful in many symmetric-cryptography applications. No previously-known LPN-based PRFs are key-homomorphic, even if we completely ignore depth-efficiency. In
    fact, our constructions support key homomorphism for linear functions (and not only additive), a property that no previously-known PRF satisfies, including ones from LWE.
    Additionally, all of our PRF constructions nicely fit into the substitution-permutation network (SPN) design framework used in modern block ciphers (e.g. AES). No prior PRF construction that has a reduction to a standard cryptographic assumption
    (let alone LPN) has an SPN-like structure.
    Technically, all of our constructions leverage a new recursive derandomization technique for LPN instances, which allows us to generate LPN error terms deterministically. This technique is inspired by a related idea from the LWE literature (Kim,
    EUROCRYPT 2020) for which devising an LPN analogue has been an outstanding open problem.



    ## 2025/899

    * Title: Improved Noise Bound in BFV Homomorphic Encryption and Its Application to Multiplication
    * Authors: Akshit Aggarwal, Yang Li, Srinibas Swain
    * [Permalink](https://eprint.iacr.org/2025/899)
    * [Download](https://eprint.iacr.org/2025/899.pdf)

    ### Abstract

    Fully Homomorphic Encryption (FHE) enables computations on encrypted data without requiring decryption. However, each computation increases the noise level, which can eventually cause decryption failures once a certain threshold is reached. In particular,
    homomorphic multiplication significantly amplifies noise in the ciphertext. In this work, we revisit the Ring Learning With Errors (RLWE) based encryption proposed by Fan et al. and present an optimized noise growth approach by swapping the sample space for
    the secret key and error distribution. Thereafter, we revisit BFV homomorphic multiplication proposed by Kim et al. (ASIACRYPT'21) and present an optimized noise bound. Later, we empirically check the hardness of the proposed scheme using the lattice estimator. Our
    analysis demonstrates that the proposed method achieves more than 128-bit security and achieves a lower noise bound than existing techniques.



    ## 2025/900

    * Title: Exclusive Ownership of Fiat-Shamir Signatures: ML-DSA, SQIsign, LESS, and More
    * Authors: Michael Meyer, Patrick Struck, Maximiliane Weishäupl
    * [Permalink](https://eprint.iacr.org/2025/900)
    * [Download](https://eprint.iacr.org/2025/900.pdf)

    ### Abstract

    Exclusive ownership (EO) security is a feature of signature schemes that prevents adversaries from "stealing" an honestly generated signature by finding a new public key which verifies said signature. It is one of the beyond unforgeability features (BUFF)
    which were declared to be desirable features by NIST. The BUFF transform allows one to generically achieve exclusive ownership (and other properties) at the cost of an increased signature size. In this work, we study the EO security of (different variants
    of) Fiat-Shamir signatures. As our main result, we show that the commonly used variant of Fiat-Shamir signatures (where signatures consist of challenge-response tuples) with λ-bit challenges can achieve about λ-bit EO security through its implicit
    usage of the BUFF transform—this presents a significant improvement to existing results that only provide λ/2 bits of EO security. This benefit of our result comes without an increase in signature size. For other variants of Fiat-Shamir signatures, we
    show worse bounds, which nevertheless improve upon existing results. Finally, we apply our results to several signature schemes: SQIsign and LESS (both round-2 NIST candidates); ML-DSA (NIST standard); CSI-FiSh; and Schnorr signatures. This shows that
    all these schemes achieve significantly better bounds regarding their EO security compared to existing results.



    ## 2025/901

    * Title: A Generic Framework for Practical Lattice-Based Non-interactive Publicly Verifiable Secret Sharing
    * Authors: Behzad Abdolmaleki, Mohammad Foroutani, Shahram Khazaei, Sajjad Nasirzadeh
    * [Permalink](https://eprint.iacr.org/2025/901)
    * [Download](https://eprint.iacr.org/2025/901.pdf)

    ### Abstract

    Non-interactive publicly verifiable secret sharing (PVSS) schemes enable the decentralized (re-)sharing of secrets in adversarial environments, allowing anyone to verify the correctness of distributed shares. Such schemes are essential for large-scale
    decentralized applications, including committee-based systems that require both transparency and robustness. However, existing PVSS schemes rely on group-based cryptography, rendering them vulnerable to quantum attacks and limiting their suitability for
    post-quantum applications.

    In this work, we propose the first practical, fully lattice-based, non-interactive PVSS scheme, grounded on standard lattice assumptions for post-quantum security. At the heart of our design is a generic framework that transforms vector commitments and
    linear encryption schemes into efficient PVSS protocols. We enhance vector commitments by incorporating functional hiding and proof of smallness, ensuring that encrypted shares are both verifiable and privacy-preserving. Our construction introduces two
    tailored lattice-based encryption schemes, each supporting efficient proofs of decryption correctness. This framework provides strong verifiability guarantees while maintaining low proof sizes and computational efficiency, making it suitable for systems
    with large numbers of participants.



    ## 2025/902

    * Title: On the Fiat–Shamir Security of Succinct Arguments from Functional Commitments
    * Authors: Alessandro Chiesa, Ziyi Guan, Christian Knabenhans, Zihan Yu
    * [Permalink](https://eprint.iacr.org/2025/902)
    * [Download](https://eprint.iacr.org/2025/902.pdf)

    ### Abstract

    We study the security of a popular paradigm for constructing SNARGs, closing a key security gap left open by prior work. The paradigm consists of two steps: first, construct a public-coin succinct interactive argument by combining a functional
    interactive oracle proof (FIOP) and a functional commitment scheme (FC scheme); second, apply the Fiat–Shamir transformation in the random oracle model. Prior work did not consider this generalized setting nor prove the security of this second step
    (even in special cases).

    We prove that the succinct argument obtained in the first step satisfies state-restoration security, thereby ensuring that the second step does in fact yield a succinct non-interactive argument. This is provided the FIOP satisfies state-restoration
    security and the FC scheme satisfies a natural state-restoration variant of function binding (a generalization of position binding for vector commitment schemes).

    Moreover, we prove that notable FC schemes satisfy state-restoration function binding, allowing us to establish, via our main result, the security of several SNARGs of interest (in the random oracle model). This includes a security proof of Plonk, in the
    ROM, based on ARSDH (a falsifiable assumption).



    ## 2025/903

    * Title: Rock and a Hard Place: Attack Hardness in Neural Network-assisted Side Channel Analysis
    * Authors: Seyedmohammad Nouraniboosjin, Fatemeh Ganji
    * [Permalink](https://eprint.iacr.org/2025/903)
    * [Download](https://eprint.iacr.org/2025/903.pdf)

    ### Abstract

    Side-channel analysis (SCA) has become a crucial area in ensuring the security of hardware implementations against potential vulnerabilities. With advancements in machine learning (ML) and artificial intelligence (AI), neural network (NN)-assisted
    techniques for SCA have demonstrated significant effectiveness. However, a fundamental question remains unanswered: are traces corresponding to different subkeys equally hard to attack? This paper addresses this issue by leveraging explainable AI
    techniques to analyze the hardness levels and, consequently, the root cause of hardness. To systematically investigate this problem, we reintroduce hardness metrics in SCA, which have been known to the ML community. Those metrics include query hardness
    (QH), log odds (LO), and matrix-based Rényi entropy (MRE). The challenge in this regard is that (virtually all) hardness metrics in ML cannot be adopted as they are. This is because ML and SCA metrics have conflicting goals, namely boosting accuracy and
    rank, respectively. Through careful experimentation, we identify the shortcomings of QH and LO in SCA and recommend MRE as a suitable hardness metric for SCA.
    We also study how hardness has been seen in SCA, where recent work has suggested the influence of class “labels” on the attack difficulty. Employing rigorous evaluation, our paper demonstrates that no statistically significant evidence can be found
    to support this claim. This leads us to the question of how much traces’ time samples affect the inherent hardness in distinguishing key candidates. Our novel explainable AI (XAI) approach not only answers this, but also makes a link between hardness
    and rank as the common performance metric in SCA. Our findings indicate that hardness values are influenced mainly by time samples rather than specific key labels. Furthermore, we examine whether hardness captures intrinsic properties of the traces,
    specifically, their lack of separability in feature space due to their inherent similarities. To this end, we introduce, for the first time in the context of SCA, the use of maximum mean discrepancy (MMD) as a principled metric. MMD effectively links
    trace hardness with attack difficulty by quantifying distributional differences induced by traces’ time samples. In addition to visualization techniques showing the root cause of hardness based on MMD, we employ XAI to explain the connection between
    MMD and attack hardness. Our proposed methodology enhances the understanding of attack difficulty in SCA and contributes to developing more robust evaluation metrics for profiling attacks.



    ## 2025/904

    * Title: The Security of ML-DSA against Fault-Injection Attacks
    * Authors: Haruhisa Kosuge, Keita Xagawa
    * [Permalink](https://eprint.iacr.org/2025/904)
    * [Download](https://eprint.iacr.org/2025/904.pdf)

    ### Abstract

    Deterministic signatures are often used to mitigate the risks associated with poor-quality randomness, where the randomness in the signing process is generated by a pseudorandom function that takes a message as input. However, some studies have shown
    that such signatures are vulnerable to fault-injection attacks. To strike a balance, recent signature schemes often adopt "hedged" randomness generation, where the pseudorandom function takes both a message and a nonce as input. Aranha et al. (EUROCRYPT
    2020) investigated the security of hedged Fiat-Shamir signatures against 1-bit faults and demonstrated security for certain types of bit-tampering faults. Grilo et al. (ASIACRYPT 2021) extended this proof to the quantum random oracle model. Last year,
    NIST standardized the lattice-based signature scheme ML-DSA, which adopts the hedged Fiat-Shamir with aborts. However, existing security proofs against bit-tampering faults do not directly apply, as Aranha et al. left this as an open problem. To address
    this gap, we analyze the security of ML-DSA against multi-bit fault-injection attacks. We provide a formal proof of security for a specific class of intermediate values, showing that faults at these points cannot be exploited. Furthermore, to highlight
    the infeasibility of stronger fault resilience, we present key-recovery attacks that exploit signatures generated under fault injection at the other intermediate values.



    ## 2025/905

    * Title: Authenticated Key Exchange Protocol with Remote Randomness
    * Authors: John C. W. Chan
    * [Permalink](https://eprint.iacr.org/2025/905)
    * [Download](https://eprint.iacr.org/2025/905.pdf)

    ### Abstract

    A conventional Authenticated Key Exchange (AKE) protocol consumes fresh random coins from the local random source. However, recent studies of bad randomness expose the vulnerability of some AKE protocols under small subgroup attacks when the random coins
    are manipulated or repeated. It is important to ensure that the bad randomness of one random source will not affect the security of the AKE protocol as a whole.

    Thus, we introduce the notion of remote randomness by introducing additional ephemeral keys generated by a fresh remote random source in the AKE protocol. In this paper, we argue that the rise of cloud computing encourages high-speed
    internal data transfer within server clusters or virtual machines, including entropy pool data used in our remote randomness AKE protocols. We present a remote randomness modification to the HMQV protocol to demonstrate its resilience under the
    manipulation of local random sources. We then provide a new security model with the consideration of remote randomness and show that the modified AKE protocol is secure under our new model.



    ## 2025/906

    * Title: Covert Attacks on Machine Learning Training in Passively Secure MPC
    * Authors: Matthew Jagielski, Rahul Rachuri, Daniel Escudero, Peter Scholl
    * [Permalink](https://eprint.iacr.org/2025/906)
    * [Download](https://eprint.iacr.org/2025/906.pdf)

    ### Abstract

    Secure multiparty computation (MPC) allows data owners to train machine learning models on combined data while keeping the underlying training data private. The MPC threat model either considers an adversary who passively corrupts some parties without
    affecting their overall behavior, or an adversary who actively modifies the behavior of corrupt parties. It has been argued that in some settings, active security is not a major concern, partly because of the potential risk of reputation loss if a party
    is detected cheating.

    In this work we show explicit, simple, and effective attacks that an active adversary can run on existing passively secure MPC training protocols, while keeping essentially zero risk of the attack being detected. The attacks we show can compromise both
    the integrity and privacy of the model, including attacks reconstructing exact training data.
    Our results challenge the belief that a threat model that does not include malicious behavior by the involved parties may be reasonable in the context of PPML, motivating the use of actively secure protocols for training.



    ## 2025/907

    * Title: New Framework for Structure-Aware PSI From Distributed Function Secret Sharing
    * Authors: Dung Bui, Gayathri Garimella, Peihan Miao, Phuoc Van Long Pham
    * [Permalink](https://eprint.iacr.org/2025/907)
    * [Download](https://eprint.iacr.org/2025/907.pdf)

    ### Abstract


    [continued in next message]

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)