Abstract
Digital signatures are ubiquitous in modern security infrastructures. Their lack of diversity in industrial settings makes most contemporary systems susceptible to quantum computer-aided attacks. Alternatives exist, among which is a family of well-understood schemes with minimal security requirements: hash-based signatures. In addition to being quantum-safe, hash-based signatures are modular, providing long-term security. They are not yet being used in practice. We discuss the reasons for this gap between theory and practice and outline a strategy to bridge it. We then detail our work to realise the described plan.
Notes
1. While the full descriptions of XMSS and its multi-tree variant are provably forward secure [10, 29], this property relies on constructs irrelevant to interoperability. The proposed standardisation of HBS schemes we discuss later therefore does not intrinsically yield forward security, but permits it if the right components (such as a forward secure pseudo-random number generator) are used in its implementation.
2. When using W-OTS+, security requirements are reduced from collision resistance to second preimage resistance.
References
OpenSSL: The Open Source toolkit for SSL/TLS. https://www.openssl.org/
Legion of the Bouncy Castle (2013). https://www.bouncycastle.org/
de Oliveira, A.K.D.S.: An efficient software implementation of XMSS. Presented at LATINCRYPT 2014 (2014)
Bellare, M., Miner, S.K.: A forward-secure digital signature scheme. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, p. 431. Springer, Heidelberg (1999)
Bernstein, D.J., et al.: SPHINCS: practical stateless hash-based signatures. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 368–397. Springer, Heidelberg (2015)
Bertoni, G., Daemen, J., Peeters, M., Assche, G.V.: The Keccak reference (2011). http://keccak.noekeon.org/
Bos, J.W., Costello, C., Naehrig, M., Stebila, D.: Post-quantum key exchange for the TLS protocol from the ring learning with errors problem. IEEE Symposium on Security and Privacy, pp. 553–570 (2015)
Boura, C., Canteaut, A.: Zero-sum distinguishers for iterated permutations and application to Keccak-f and Hamsi-256. In: Biryukov, A., Gong, G., Stinson, D.R. (eds.) SAC 2010. LNCS, vol. 6544, pp. 1–17. Springer, Heidelberg (2011)
Braun, J., Hülsing, A., Wiesmaier, A., Vigil, M.A.G., Buchmann, J.: How to avoid the breakdown of public key infrastructures. In: De Capitani di Vimercati, S., Mitchell, C. (eds.) EuroPKI 2012. LNCS, vol. 7868, pp. 53–68. Springer, Heidelberg (2013)
Buchmann, J., Dahmen, E., Hülsing, A.: XMSS - a practical forward secure signature scheme based on minimal security assumptions. In: Yang, B.-Y. (ed.) PQCrypto 2011. LNCS, vol. 7071, pp. 117–129. Springer, Heidelberg (2011)
Buchmann, J., Dahmen, E., Klintsevich, E., Okeya, K., Vuillaume, C.: Merkle signatures with virtually unlimited signature capacity. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 31–45. Springer, Heidelberg (2007)
Buchmann, J., García, L.C.C., Dahmen, E., Döring, M., Klintsevich, E.: CMSS – an improved Merkle signature scheme. In: Barua, R., Lange, T. (eds.) INDOCRYPT 2006. LNCS, vol. 4329, pp. 349–363. Springer, Heidelberg (2006)
Courtois, N.T., Finiasz, M., Sendrier, N.: How to achieve a McEliece-based digital signature scheme. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, p. 157. Springer, Heidelberg (2001)
DeAngelis, S.F.: Closing In On Quantum Computing. Wired (2014)
Ding, J., Schmidt, D.: Rainbow, a new multivariable polynomial signature scheme. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 164–175. Springer, Heidelberg (2005)
Dods, C., Smart, N.P., Stam, M.: Hash based digital signature schemes. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 96–115. Springer, Heidelberg (2005)
Duc, A., Guo, J., Peyrin, T., Wei, L.: Unaligned rebound attack: application to Keccak. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 402–421. Springer, Heidelberg (2012)
Ducas, L., Durmus, A., Lepoint, T., Lyubashevsky, V.: Lattice signatures and bimodal gaussians. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 40–56. Springer, Heidelberg (2013)
El Gamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 10–18. Springer, Heidelberg (1985)
ETSI: White paper: Quantum Safe Cryptography and Security; An introduction, benefits, enablers and challenges. http://docbox.etsi.org/Workshop/2014/201410_CRYPTO/Quantum_Safe_Whitepaper_1_0_0.pdf (2014)
Gazdag, S., Butin, D.: Practical Hash-based Signatures (Quantencomputer-resistente Signaturverfahren für die Praxis) (2014). http://square-up.org/
Google: BoringSSL (2014). https://boringssl.googlesource.com/boringssl/
Grover, L.K.: A fast quantum mechanical algorithm for database search. In: Symposium on Theory of Computing (STOC), pp. 212–219. ACM (1996)
Housley, R.: Use of the hash-based Merkle tree signature (MTS) algorithm in the cryptographic message syntax (CMS). IETF (2015) (Internet-Draft)
Hülsing, A.: Practical Forward Secure Signatures using Minimal Security Assumptions. Ph.D. thesis, Technische Universität Darmstadt (2013)
Hülsing, A.: W-OTS+ – shorter signatures for hash-based signature schemes. In: Youssef, A., Nitaj, A., Hassanien, A.E. (eds.) AFRICACRYPT 2013. LNCS, vol. 7918, pp. 173–188. Springer, Heidelberg (2013)
Hülsing, A., Busold, C., Buchmann, J.: Forward secure signatures on smart cards. In: Knudsen, L.R., Wu, H. (eds.) SAC 2012. LNCS, vol. 7707, pp. 66–80. Springer, Heidelberg (2013)
Hülsing, A., Butin, D., Gazdag, S.L., Mohaisen, A.: XMSS: Extended Hash-Based Signatures. IETF (2015) (Internet-Draft)
Hülsing, A., Rausch, L., Buchmann, J.: Optimal parameters for XMSS^MT. In: Cuzzocrea, A., Kittl, C., Simos, D.E., Weippl, E., Xu, L. (eds.) CD-ARES Workshops 2013. LNCS, vol. 8128, pp. 194–208. Springer, Heidelberg (2013)
IBM: IBM ILOG CPLEX Optimizer. http://www-01.ibm.com/software/commerce/optimization/cplex-optimizer/index.html
Johnson, D., Menezes, A., Vanstone, S.: The elliptic curve digital signature algorithm (ECDSA). Int. J. Inf. Secur. 1(1), 36–63 (2001)
Lamport, L.: Constructing Digital Signatures from a One Way Function. Technical report, SRI International Computer Science Laboratory (1979)
Lenstra, A.K., Verheul, E.R.: Selecting cryptographic key sizes. J. Crypt. 14(4), 255–293 (2001)
McGrew, D., Curcio, M.: Hash-Based Signatures. IETF (2014) (Internet-Draft)
Merkle, R.C.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, Heidelberg (1990)
National Institute of Standards and Technology: FIPS PUB 186–4: Digital Signature Standard (DSS). National Institute for Standards and Technology (2013). http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
Nguyen, P.Q., Regev, O.: Learning a parallelepiped: cryptanalysis of GGH and NTRU signatures. J. Crypt. 22(2), 139–160 (2009)
OpenBSD: LibreSSL (2014). http://www.libressl.org/
OpenSSL Security Advisory: SSL/TLS MITM vulnerability (CVE-2014-0224) (2014). https://www.openssl.org/news/secadv_20140605.txt
OpenSSL Security Advisory: TLS heartbeat read overrun (CVE-2014-0160) (2014). https://www.openssl.org/news/secadv/20140407.txt
Pop, I.M., Geerlings, K., Catelani, G., Schoelkopf, R.J., Glazman, L.I., Devoret, M.H.: Coherent suppression of electromagnetic dissipation due to superconducting quasiparticles. Nat. 508(7496), 369–372 (2014)
Rich, S., Gellman, B.: NSA seeks to build quantum computer that could crack most types of encryption. The Washington Post (2014)
Rivest, R., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21, 120–126 (1978)
Saeedi, K., et al.: Room-temperature quantum bit storage exceeding 39 minutes using ionized donors in silicon-28. Sci. 342(6160), 830–833 (2013)
Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26(5), 1484–1509 (1997)
TU Darmstadt: FlexiProvider, an open source Java Cryptographic Service Provider (2006). http://www.flexiprovider.de/javadoc/flexiprovider/docs/de/flexiprovider/pqc/hbc/gmss/package-summary.html
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Butin, D., Gazdag, SL., Buchmann, J. (2015). Real-World Post-Quantum Digital Signatures. In: Cleary, F., Felici, M. (eds) Cyber Security and Privacy. CSP 2015. Communications in Computer and Information Science, vol 530. Springer, Cham. https://doi.org/10.1007/978-3-319-25360-2_4
DOI: https://doi.org/10.1007/978-3-319-25360-2_4
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-25359-6
Online ISBN: 978-3-319-25360-2