
About Wave Implementation and its Leakage Immunity

Abstract: Wave is a recent digital signature scheme [3]. It is based on a family of trapdoor one-way Preimage Sampleable Functions and is proven EUF-CMA in the random oracle model under two code-based computational assumptions. One of its key properties is to produce uniformly distributed signatures of fixed Hamming weight. This property implies that, if properly implemented, Wave is immune to leakage attacks. We describe here the key stages of the implementation of the Wave trapdoor inverse function that integrate all the features needed to achieve leakage-freeness. A proof-of-concept implementation was made in SageMath. It allowed us to check that properly generated Wave signatures are uniformly distributed. In particular, we show that the signatures produced by this implementation defeat the Barreto-Persichetti attack. We show which features of the Wave specification were improperly put aside and explain why the claim of breaking Wave is incorrect.

Preliminary Statement. We consider here the first version of Wave (v1 of [3]). This is the version which is allegedly broken in [1]. All the features that guarantee the absence of leakage are already there. It considers a strict (U, U + V) code (i.e. not generalized) and has no information set gap. The description of the decoder for generalized (U, U + V) codes only appeared in v2. The information set gap (denoted d) appeared in the third version of Wave. The information set gap was introduced to give a provably small upper bound on the statistical distance between the signature distribution and the uniform distribution. We conjecture that this statistical distance is negligible even with a zero gap. Our implementation is available at the following URL: https://project.inria.fr/wave and includes the three versions.
Document type: Preprints, Working Papers, ...

Cited literature: 3 references

https://hal.inria.fr/hal-02424231
Contributor: Thomas Debris-Alazard
Submitted on: Thursday, December 26, 2019 - 8:04:14 PM
Last modification on: Thursday, January 7, 2021 - 3:38:03 PM
Long-term archiving on: Friday, March 27, 2020 - 4:23:32 PM

File

implem.pdf
Files produced by the author(s)

Identifiers

  • HAL Id: hal-02424231, version 1

Citation

Thomas Debris-Alazard, Nicolas Sendrier, Jean-Pierre Tillich. About Wave Implementation and its Leakage Immunity. 2019. ⟨hal-02424231⟩