Exploiting ML-DSA bugs [pdf] (cr.yp.to)

🤖 AI Summary
A recent paper by Daniel J. Bernstein reports significant vulnerabilities in multiple implementations of the Dilithium post-quantum signature system, particularly the ML-DSA variant. Bernstein shows that minor modifications to the ML-DSA software reproduce known vulnerabilities, and that the resulting bugs let an attacker forge signatures on arbitrary messages in about one second on a single laptop core. This finding raises serious concerns about the security of cryptographic systems that are currently rushing to transition to post-quantum signatures, and it emphasizes the need for rigorous scrutiny before such software is deployed.

The implications for the AI/ML community and the broader cryptographic landscape are considerable. Bernstein's research underscores that vulnerabilities in large cryptographic libraries can persist despite claims that the code has been formally verified, highlighting the risks of rapid development cycles and inadequate testing. The paper also provides estimates for the rate of exploitable vulnerabilities and discusses the potential impact of quantum attacks, prompting developers to reconsider relying solely on new cryptographic standards. The work is a stark reminder of the importance of thorough testing and validation when implementing advanced cryptographic systems, especially at a time when quantum computing threats loom large.