The Security of the Hanser-Slamanig Signature Scheme Revisited

At Asiacrypt 2014, Hanser and Slamanig presented a structure-preserving signatures and prove its EUF-CMA security. Very recently, Fuchsbauer gave a very surprising attack to point out their claim is awed by showing how to generate a valid existential forgery with overwhelming probability with 4 chosen-message queries for l = 2. However, we go further in this paper to show that the Hanser-Slamanig signature scheme is not unforgeable under the adaptive chosen message attack. We present a deterministic polynomial-time chosen-message attack which can forge the valid signature for any message with 3 (resp. 4) chosen-message queries for l = 2 (resp. l 3 ).