Cryptanalysis of a One-Time Code-Based Digital Signature Scheme
This work exposes a critical vulnerability in a proposed code-based digital signature scheme, undermining its security claims for cryptographic applications.
The authors demonstrated a key recovery attack on Persichetti's one-time digital signature scheme, showing that a single intercepted signature allows full secret key recovery with complexity far below the claimed security level.
We consider a one-time digital signature scheme recently proposed by Persichetti and show that a successful key recovery attack can be mounted with limited complexity. The attack we propose exploits a single signature intercepted by the attacker, and relies on a statistical analysis performed over such a signature, followed by information set decoding. We assess the attack complexity and show that a full recovery of the secret key can be performed with a work factor that is far below the claimed security level. The efficiency of the attack is motivated by the sparsity of the signature, which leads to a significant information leakage about the secret key.