惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
T
Troy Hunt's Blog
P
Proofpoint News Feed
V
Vulnerabilities – Threatpost
C
Cybersecurity and Infrastructure Security Agency CISA
K
Kaspersky official blog
Cyberwarzone
Cyberwarzone
T
Tor Project blog
Cisco Talos Blog
Cisco Talos Blog
S
Securelist
L
Lohrmann on Cybersecurity
Security Latest
Security Latest
T
Threatpost
H
Heimdal Security Blog
W
WeLiveSecurity
A
Arctic Wolf
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
G
GRAHAM CLULEY
IT之家
IT之家
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
TaoSecurity Blog
TaoSecurity Blog
A
About on SuperTechFans
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
N
News and Events Feed by Topic
Hacker News - Newest:
Hacker News - Newest: "LLM"
Last Week in AI
Last Week in AI
T
The Blog of Author Tim Ferriss
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Microsoft Azure Blog
Microsoft Azure Blog
Hugging Face - Blog
Hugging Face - Blog
Google DeepMind News
Google DeepMind News
量子位
Stack Overflow Blog
Stack Overflow Blog
Know Your Adversary
Know Your Adversary
B
Blog RSS Feed
阮一峰的网络日志
阮一峰的网络日志
WordPress大学
WordPress大学
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
AI
AI
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
博客园 - 司徒正美
Apple Machine Learning Research
Apple Machine Learning Research
GbyAI
GbyAI
Vercel News
Vercel News
C
Cyber Attacks, Cyber Crime and Cyber Security
Latest news
Latest news
D
Darknet – Hacking Tools, Hacker News & Cyber Security
大猫的无限游戏
大猫的无限游戏
Forbes - Security
Forbes - Security

Cryptology ePrint Archive

Improved Dual Attack and Trapdoor Sampling via Quantum Rejection Sampling Verifying Consensus Protocols from LLM-assisted TLA$^+$: A Case Study of Byzantine Reliable Broadcast Asynchronous Lagrange-Based Threshold FHE with Smaller Modulus Overhead Breaking ACDGV MinRank Gabidulin encryption schemes over matrix codes Explicit cost analysis of Toom-4 multiplication for incomplete NTT in lattice-based cryptography Security Analysis on a Blockchain-based Public-Key Authenticated Searchable Encryption Scheme Icy-DVRF: A Distributed Verifiable Random Function based on FROST signatures Frobenius-UOV: A Very Efficient Multivariate Public Key Signature Scheme Revisiting Linear Subspace Trails in Poseidon A New Multiscalar Multiplication Method Resistant to Timing Attacks Device Binding for Anonymous Credentials on Legacy Phones Beyond Quadratic: Unlocking Pseudorandomness with Quartic Character Multi-leveled and ISA/IEC 62443-aware Certificate Transparency to Protect the PKI Service Supply Chain of Operational Technology rBFT: a Revamped Two-Stage BFT from Delegated Committee Delving Deep into Security Guarantees against Integral Distinguishers with Applications to PRESENT, TWINE and LBLOCK On the Communication Complexity of Sleepy Consensus Operationalising Post‑Quantum TLS: Automated Configuration Profiling and Hybrid PQC Deployment in Financial Infrastructure Enhancing Blockchain Proof of Stake with Active Weighted Signatures: The ADAPT Framework Threshold FHE with Short Decryption Shares without a Semi-trusted Server Efficient Bootstrapping in Fully Homomorphic Encryption for Matrix Arithmetic YsPIR: HE-Based Single-Server Private Information Retrieval with Low Communication Cost and High Throughput Black-box validation of Falcon key generation under numerical instability Tight Lattice-Based Signatures without Trapdoors from Search LWE Formalizing Blockchain PQC Signature Transition: How to Outpace Quantum Adversaries Optimized G+G Signature Storing Less in-the-Head: An Area-Efficient Hardware Architecture for SDitH-v2 SoK: Private LLM Inference using Approximate Homomorphic Encryption BitVM3: Efficient Bitcoin Bridges via Garbled Circuits Private Function Evaluation with Linear Complexity Obscura: Privacy-Preserving Protocol for the Algorand Blockchain Using LSAG Ring Signatures Cryptanalysis of Definite and Indefinite Lattice Isomorphism Problems With Applications to HAWK and DEFI Formalizing and Strengthening the Security Proof of NTOR Verifiable Anomaly and Similarity Detection Using Matrix Profile in Private Time-series Privacy Coins Under Viewing Key Compromise Adaptively-Secure Flexible and Identity-Based Broadcast Encryption from Decomposed LWE MERIDIAN: A Toroid-Inspired Permutation Block Cipher for Constrained Environments Toward Practical Fair Data Exchange: Eliminating In-Circuit Public-Key Operations Fault Injection Attacks Against zkSTARKs Beyond Binary: crosscorrelation of Cubic, Quartic and Quintic Character Sequences A Post-Quantum Accountable Sanitizable Signature Scheme Based on Unbalanced Oil and Vinegar Better Usability: Leakage-Resistant AEADs from Single-length Blockciphers TieredOMap: Skewness-Aware Oblivious Map Non-Adaptive Programmable PRFs and Applications to Stacked Garbling Mosaic: Practical Malicious Security for Garbled Circuits on Bitcoin Efficient Bootstrapping of Matrices in FHE Formal Verification, Integration and Physical Evaluation of Prime-Field Masking on Silicon New Techniques for Communication-Efficient Secure Comparison Protocols Verifying Provenance of Digital Media: Security Analysis of C2PA and its Implementation EQuADiSE: Efficient Quantum-safe Adaptive Distributed Symmetric-key Encryption Panther: Robust Hybrid KEM Combiners via Structural Splicing Cobra: All-in-one for full-fledged defense — a hybrid nested KEM SCOUT-CT: Sound Constant-Time Outcome with Uncertainty Tracking using multi-taint analysis Cryptanalysis of the Sharafi–Daghigh digital signature scheme Improved Garbled RAM via Garbled Merge GlitchSnipe: Toward Localized Voltage Fault Attacks MCU: An Efficient and Scalable Nonlinear Function Evaluation in MPC without Preprocessing Divide-and-Pair: Faster subgroup membership testing for elliptic curves Related-Key Multi-Pair Neural Distinguishers: Analysis and Applications to Lightweight Block Ciphers MDSS-STAR: Private Heavy-Hitters through Multi-Dealer Secret Sharing How to Authenticate a Non-Deterministic Computation Quick Draw Queries: Lightweight Searchable Public-key Ciphertexts with Hidden Structures via Non-Interactive Key Exchange Boolean Arithmetic over $\mathbb{F}_2$ from Group Commutators Open Problems in List Decoding and Correlated Agreement An Efficient Identity-Based Blind Signature Scheme from SM9 Tighter Bounds for the Oblivious Bit-Fixing Inner Product Extractor on Biased Seeds Counting and recovering the quadratic relations of a vectorial function Perils of Parallelism: Transaction Fee Mechanisms under Execution Uncertainty RoKoko: Lattice-based Succinct Arguments, a Committed Refinement Aggregator-Based Voting using proof of Partition HARE: Compact HQC via Distance-Informed Erasure Decoding A Maliciously-Secure Post-Quantum OPRF from Crypto Dark Matter Byzantine Consensus in the Partially Authenticated Setting Post-Quantum Anonymous Signatures from the Lattice Isomorphism Group Action Issuer-Hiding for BBS Anonymous Credentials via Randomizable Keys Relaxed Modular PCS from Arbitrary PCS and Applications to SNARKs for Integers Cross-Algorithm Deep Learning-based Non-Profiled Side-Channel Attacks Exploiting Symmetric Leakage Key Recovery Attacks on UOV Using $p^\ell$-truncated Polynomial Rings Reducing the Number of Qubits in Quantum Discrete Logarithms on Elliptic Curves PhantomCrypt: Second-Order Deniable Encryption with Post-Quantum Security When Trying to Catch Cheaters Breaks the MPC: Breaking and Fixing Delayed Consistency Checks in Trident, Fantastic Four, SWIFT, and Quad (Full Version) On the Use of Atkin and Weber Modular Polynomials in Isogeny Proofs of Knowledge Private IP Address Inference in NAT Networks via Off-Path TCP Control-Plane Attack Minimizing Mempool Dependency in PoW Mining on Blockchain: A Paradigm Shift with Compressed Block Representation for Enhanced Scalability, Decentralization and Security. Beyond-Birthday-Bound Security with HCTR2: Cascaded Construction and Tweak-based Key Derivation From Matrix to Polynomial NTRU FHE: Enabling Amortized Bootstrapping via Sparse Keys Adaptive NIKE for Unbounded Parties Hyperion: Private Token Sampling with Homomorphic Encryption TSS-PV: Traceable Secret Sharing with Public Verifiability A Graph-Theoretic Framework for Randomness Optimization in First-Order Masked Circuits Auntie: Unobservable Contracts from Zerocash and Trusted Execution Environments Fast Batch Matrix Multiplication in Ciphertexts On the $\gamma$-Spreadness of Average-Case to Worst-Case Transformations On the Regularity of the Generalized Birthday Problem The Pipes Model for Latency and Throughput Analysis Permutation-Based Hash from Non-Idealized Assumptions: Adding Feed-Forward to Sponge Secret-Key PIR from Random Linear Codes K-Linkable Ring Signatures and Applications in Generalized Voting Dynamic zk-SNARKs (with applications to sparse zk-SNARKs and IVC) ProxCode: Efficient Proximity Searchable Encryption from Error Correcting Codes DLFA: Deep Learning based Fault Analysis against Block Ciphers
KAT-Seeded Fuzzing of Stateful Hash-Based Signature Verification in liboqs
Vishnu Ajith, Quentangle · 2026-05-30 · via Cryptology ePrint Archive

Paper 2026/1107

KAT-Seeded Fuzzing of Stateful Hash-Based Signature Verification in liboqs

Muhammad Ibrahim, Quentangle

Muhammed Sihan Haroon, Quentangle

Abstract

Stateful hash-based signature schemes such as XMSS and LMS are increasingly important in post-quantum cryptographic deployments, yet their verification paths remain difficult to fuzz effectively because key generation is substantially more expensive than verification. This paper presents a structured libFuzzer methodology for testing stateful hash-based signature verification in liboqs. The proposed approach uses pre-computed Known Answer Test (KAT) vectors to initialise valid public key, signature, and message buffers once during harness setup, enabling high-throughput mutation of verification inputs without repeated key generation. Using this methodology, we implemented and upstreamed two fuzz harnesses targeting XMSS/XMSSMT and LMS/HSS-LMS verification paths in liboqs. A ten-minute AddressSanitizer-enabled fuzzing campaign identified an OID-confusion heap-buffer-overflow in xmssmt_core_sign_open, assigned CVE-2026-46344. The flaw occurs when attacker-controlled public-key OID bytes derive a parameter set whose expected signature length exceeds the caller-allocated buffer, resulting in an out-of-bounds read during signature parsing. The issue was reproduced using a five-byte minimal crashing input and a standalone C reproducer, disclosed through the Open Quantum Safe coordinated disclosure process, and fixed in liboqs 0.16.0. We further identify a mutation-distribution bias affecting short-input LMS fuzzing and resolve it using a round-robin field-rotation strategy. The resulting framework provides a reproducible and upstream-integrated methodology for adversarial testing of stateful post-quantum signature verification implementations.

BibTeX

@misc{cryptoeprint:2026/1107,
      author = {Vishnu Ajith and Muhammad Ibrahim and Muhammed Sihan Haroon},
      title = {{KAT}-Seeded Fuzzing of Stateful Hash-Based Signature Verification in liboqs},
      howpublished = {Cryptology {ePrint} Archive, Paper 2026/1107},
      year = {2026},
      url = {https://eprint.iacr.org/2026/1107}
}