Paper 2025/2096

Laser Fault Injection Attack on the eXtended Merkle Signature Scheme

Alexander Wagner, Fraunhofer Institute for Applied and Integrated Security
Marc Schink, Fraunhofer Institute for Applied and Integrated Security
Silvan Streit, Fraunhofer Institute for Applied and Integrated Security
Dominik Klein, Federal Office for Information Security
Sven Freud, Federal Office for Information Security
Abstract

The interest in hash-based signatures (HBS) has increased since the need emerged for post-quantum cryptography (PQC) that can withstand attacks by quantum computers. Since their standardization, stateful HBS algorithms have been deployed in several products, ranging from embedded devices up to servers. In practice, they are most suitable for verifying the integrity and authenticity of data that rarely changes, such as the firmware of embedded devices. The verification then takes place during a secure boot or firmware update process. In past works, the research community has investigated hardware and software optimizations for this use case, and vendors have brought forward products. In this study, we practically evaluate a fault attack on the Winternitz One-Time Signature (WOTS) scheme. The attack can be mounted on different HBS schemes, such as LMS, XMSS, and SPHINCS+. Both the verification and the signing operation can be targeted. The study describes the preparation and implementation of the attack on a standard microcontroller, as well as the difficulties the attacker has to overcome. Additionally, it presents a countermeasure which is easy to implement and can increase the effort for an attacker significantly.
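To make concrete what the abstract refers to as the WOTS scheme, and which computations a fault on the signer or the verifier has to disturb, the following is an added toy implementation of plain Winternitz one-time signatures. It is illustration code written for this page, not the authors' code, and it does not reproduce the paper's laser fault model, attack steps or countermeasure. Assumptions: SHA-256 as the chain function, w = 16, a 256-bit message digest, and no WOTS+ bitmasks or keyed hashing (so this is the textbook scheme rather than the WOTS+ variant used inside XMSS, LMS and SPHINCS+). The `forge_by_advancing` helper is likewise an added demonstration of why the checksum chains exist: an attacker who can only walk hash chains forward cannot retarget a signature to a different message.

```python
"""Toy Winternitz One-Time Signature (WOTS), added illustration only.

Not the paper's code, fault model or countermeasure. Assumed parameters:
SHA-256 chain function, w = 16, 256-bit message digest, no WOTS+ bitmasks.
"""
import hashlib
import hmac
import os

N = 32                 # hash output length in bytes
W = 16                 # Winternitz parameter: each chain has W-1 hash steps
LEN1 = (8 * N) // 4    # 64 base-16 digits cover the 256-bit message digest
LEN2 = 3               # checksum digits: max checksum 64*15 = 960 < 16**3
LEN = LEN1 + LEN2      # number of hash chains (secret-key / signature elements)


def F(x: bytes) -> bytes:
    """Chain function (plain SHA-256 here; WOTS+ uses a keyed, masked hash)."""
    return hashlib.sha256(x).digest()


def chain(x: bytes, steps: int) -> bytes:
    """Apply F `steps` times to walk forward along a hash chain."""
    for _ in range(steps):
        x = F(x)
    return x


def message_digits(message: bytes) -> list[int]:
    """Base-w digits of H(message), followed by the base-w checksum digits."""
    digest = hashlib.sha256(message).digest()
    digits = []
    for byte in digest:
        digits.append(byte >> 4)
        digits.append(byte & 0x0F)
    # The checksum decreases whenever a message digit increases, so anyone
    # advancing message chains would have to walk a checksum chain backwards.
    csum = sum(W - 1 - d for d in digits)
    digits += [(csum >> 8) & 0xF, (csum >> 4) & 0xF, csum & 0xF]
    return digits


def keygen() -> tuple[list[bytes], list[bytes]]:
    """Secret key: LEN random chain starts; public key: the chain ends."""
    sk = [os.urandom(N) for _ in range(LEN)]
    pk = [chain(s, W - 1) for s in sk]
    return sk, pk


def sign(sk: list[bytes], message: bytes) -> list[bytes]:
    """Signature element i is chain i advanced by the i-th digit."""
    return [chain(sk[i], d) for i, d in enumerate(message_digits(message))]


def verify(pk: list[bytes], message: bytes, sig: list[bytes]) -> bool:
    """Walk every chain from the signature element to its end and compare.

    This chain loop and the final comparison are the computations a fault
    on the verifier has to disturb; the paper's attack is not modelled here.
    """
    digits = message_digits(message)
    computed = b"".join(chain(sig[i], W - 1 - d) for i, d in enumerate(digits))
    return hmac.compare_digest(computed, b"".join(pk))


def forge_by_advancing(sig: list[bytes], signed_msg: bytes, target_msg: bytes):
    """Try to turn a signature on signed_msg into one on target_msg by only
    walking chains forward. Succeeds iff no digit decreases; the checksum
    guarantees that some digit decreases for every different message."""
    d_old = message_digits(signed_msg)
    d_new = message_digits(target_msg)
    if any(n < o for n, o in zip(d_new, d_old)):
        return None
    return [chain(sig[i], d_new[i] - d_old[i]) for i in range(LEN)]


if __name__ == "__main__":
    sk_demo, pk_demo = keygen()
    msg_demo = b"firmware image v1.0 (constructed sample)"
    sig_demo = sign(sk_demo, msg_demo)
    print("valid signature verifies:", verify(pk_demo, msg_demo, sig_demo))
    print("forgery by chain advance:", forge_by_advancing(sig_demo, msg_demo, b"v1.1"))
```

The only secret-dependent work happens in `sign`, and the verifier's correctness rests entirely on computing the right number of chain steps for every element and then comparing all of them; that is why both operations are plausible fault targets, as the abstract states. A real deployment in XMSS or LMS additionally compresses the `LEN` public-key elements through an L-tree and Merkle tree, which this toy omits.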

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Published elsewhere. https://www.bsi.bund.de/EN/Service-Navi/Publikationen/Studien/LFI_Attack_XMSS/LFI_Attack_XMSS.html?nn=1022786
Keywords
Fault Injection, Post-Quantum Cryptography, Hash-based signatures, Winternitz One-Time Signature, XMSS, LMS, SPHINCS+
Contact author(s)
alexander wagner @ aisec fraunhofer de
marc schink @ aisec fraunhofer de
silvan streit @ aisec fraunhofer de
dominik klein @ bsi bund de
sven freud @ bsi bund de
History
2025-11-17: approved
2025-11-14: received
Short URL
https://ia.cr/2025/2096
License
Creative Commons Attribution-NonCommercial-NoDerivs
CC BY-NC-ND

BibTeX

@misc{cryptoeprint:2025/2096,
      author = {Alexander Wagner and Marc Schink and Silvan Streit and Dominik Klein and Sven Freud},
      title = {Laser Fault Injection Attack on the {eXtended} Merkle Signature Scheme},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/2096},
      year = {2025},
      url = {https://eprint.iacr.org/2025/2096}
}