At Asiacrypt 2014, Hanser and Slamanig presented a structure-preserving signatures and prove its EUF-CMA security. Very recently,
Fuchsbauer gave a very surprising attack to point out their claim is flawed by showing how to generate a valid existential forgery with overwhelming probability with 4 chosen-message queries for $l=2$. However, we go further in this paper to show that the Hanser-Slamanig signature scheme is not unforgeable under the adaptive chosen message attack. We present a deterministic polynomial-time chosen-message attack which can forge the valid signature for any message with 3 ({\it resp.} 4) chosen-message queries for $l=2$ ({\it resp.} $l\geq 3$ ).
↧