Improving Stateless Hash-Based Signatures

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10808)

Abstract

We present several optimizations to SPHINCS, the stateless hash-based signature scheme proposed by Bernstein et al. (2015): PORS, a more secure variant of the HORS few-time signature scheme used in SPHINCS; secret key caching, to speed up signing and reduce signature size; batch signing, to amortize signing time and reduce signature size when signing multiple messages at once; mask-less constructions, to reduce the key size and simplify the scheme; and Octopus, a technique to eliminate redundancies from authentication paths in Merkle trees. Based on a refined analysis of the subset resilience problem, we show that SPHINCS' parameters can be modified to reduce the signature size while retaining a similar security level and computation time. We then propose Gravity-SPHINCS, our variant of SPHINCS embodying the aforementioned techniques. Gravity-SPHINCS has shorter keys (32 and 64 bytes instead of ≈1 KB), shorter signatures (≈30 KB instead of 41 KB), and faster signing and verification for the same security level as SPHINCS.
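The abstract's Octopus idea can be seen concretely on a small Merkle tree: when several leaves of the same tree are authenticated together (as PORS does), their individual authentication paths overlap, and any sibling node that the verifier can compute from the other revealed leaves need not be transmitted. The following Python is an added illustration written for this page, not code from the paper or from the Gravity-SPHINCS implementation; it assumes SHA-256 with a one-byte domain separator for leaves and internal nodes, which is a simplification of the tree hashing Gravity-SPHINCS actually uses. It builds a tree of eight constructed leaves, compares the size of three separate authentication paths with the merged "octopus" authentication for the same three leaves, and verifies both.

```python
import hashlib


def H(data: bytes) -> bytes:
    """Hash used for both leaves and internal nodes (assumption: SHA-256)."""
    return hashlib.sha256(data).digest()


def build_tree(leaves):
    """Return the list of tree levels: levels[0] are leaf hashes, levels[-1] is [root].
    The number of leaves must be a power of two."""
    level = [H(b"\x00" + leaf) for leaf in leaves]
    levels = [level]
    while len(level) > 1:
        level = [H(b"\x01" + level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels


def auth_path(levels, index):
    """Classic single-leaf authentication path: one sibling per level."""
    path = []
    for level in levels[:-1]:
        path.append(level[index ^ 1])
        index >>= 1
    return path


def verify_path(root, index, leaf, path):
    """Recompute the root from one leaf and its authentication path."""
    node = H(b"\x00" + leaf)
    for sibling in path:
        if index % 2 == 0:
            node = H(b"\x01" + node + sibling)
        else:
            node = H(b"\x01" + sibling + node)
        index >>= 1
    return node == root


def octopus_auth(levels, indices):
    """Merged authentication for a set of leaves.
    At each level only the siblings that are NOT derivable from the revealed
    leaves are sent; siblings that are themselves on the way up from another
    revealed leaf are omitted, which is where the redundancy is removed."""
    known = set(indices)
    auth = []
    for level in levels[:-1]:
        for i in sorted(known):
            if (i ^ 1) not in known:
                auth.append(level[i ^ 1])
        known = {i >> 1 for i in known}
    return auth


def octopus_verify(root, leaves_by_index, auth, height):
    """Recompute the root from several leaves and the merged authentication nodes.
    Nodes are consumed in the same (level, index) order the signer emitted them."""
    known = {i: H(b"\x00" + leaf) for i, leaf in leaves_by_index.items()}
    pos = 0
    for _ in range(height):
        parents = {}
        for i in sorted(known):
            if (i >> 1) in parents:
                continue  # parent already computed from this node's sibling
            sibling = i ^ 1
            if sibling in known:
                sibling_hash = known[sibling]
            else:
                if pos >= len(auth):
                    return False  # authentication data too short
                sibling_hash = auth[pos]
                pos += 1
            if i % 2 == 0:
                parents[i >> 1] = H(b"\x01" + known[i] + sibling_hash)
            else:
                parents[i >> 1] = H(b"\x01" + sibling_hash + known[i])
        known = parents
    return pos == len(auth) and known.get(0) == root


# Constructed sample: eight leaves, three of them revealed together.
LEAVES = [b"leaf-%d" % i for i in range(8)]
REVEALED = [2, 3, 6]


def demo():
    """Return (separate path nodes, octopus nodes, octopus verification result)."""
    levels = build_tree(LEAVES)
    root = levels[-1][0]
    height = len(levels) - 1
    separate = sum(len(auth_path(levels, i)) for i in REVEALED)
    merged = octopus_auth(levels, REVEALED)
    ok = octopus_verify(root, {i: LEAVES[i] for i in REVEALED}, merged, height)
    return separate, len(merged), ok


if __name__ == "__main__":
    print(demo())
```

For leaves 2, 3 and 6 of an 8-leaf tree, three independent paths carry nine nodes, while the merged authentication carries three: leaves 2 and 3 are siblings, so neither needs the other sent, and their parent then authenticates the left half of the tree together with leaf 6's ancestors. The saving grows with the number of revealed leaves per tree, which is why the abstract lists Octopus among the signature-size reductions.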

References

  1. Submission requirements and evaluation criteria for the post-quantum cryptography standardization process. NIST, December 2016. http://csrc.nist.gov/groups/ST/post-quantum-crypto/documents/call-for-proposals-final-dec-2016.pdf
  2. Aumasson, J.P., Endignoux, G.: Clarifying the subset resilience problem. Cryptology ePrint Archive, Report 2017/909 (2017)
  3. Bellare, M., Garay, J.A., Rabin, T.: Fast batch verification for modular exponentiation and digital signatures. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 236–250. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0054130
  4. Bernstein, D.J.: Cost analysis of hash collisions: will quantum computers make SHARCS obsolete? SHARCS 2009 Special-Purpose Hardware for Attacking Cryptographic Systems, p. 105 (2009)
  5. Bernstein, D.J., et al.: SPHINCS: practical stateless hash-based signatures. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015, Part I. LNCS, vol. 9056, pp. 368–397. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46800-5_15
  6. Buchmann, J., Dahmen, E., Hülsing, A.: XMSS - a practical forward secure signature scheme based on minimal security assumptions. In: Yang, B.-Y. (ed.) PQCrypto 2011. LNCS, vol. 7071, pp. 117–129. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25405-5_8
  7. Buchmann, J., Dahmen, E., Schneider, M.: Merkle tree traversal revisited. In: Buchmann, J., Ding, J. (eds.) PQCrypto 2008. LNCS, vol. 5299, pp. 63–78. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-88403-3_5
  8. Chailloux, A., Naya-Plasencia, M., Schrottenloher, A.: An efficient quantum collision search algorithm and implications on symmetric cryptography. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017, Part II. LNCS, vol. 10625, pp. 211–240. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70697-9_8
  9. Dahmen, E., Okeya, K., Takagi, T., Vuillaume, C.: Digital signatures out of second-preimage resistant hash functions. In: Buchmann, J., Ding, J. (eds.) PQCrypto 2008. LNCS, vol. 5299, pp. 109–123. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-88403-3_8
  10. Endignoux, G.: Design and implementation of a post-quantum hash-based cryptographic signature scheme. Master's thesis, EPFL (2017)
  11. Fiat, A.: Batch RSA. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 175–185. Springer, New York (1990). https://doi.org/10.1007/0-387-34805-0_17
  12. Goldreich, O.: Foundations of Cryptography: Basic Applications, vol. 2. Cambridge University Press, Cambridge (2004)
  13. Hülsing, A.: W-OTS+ - shorter signatures for hash-based signature schemes. In: Youssef, A., Nitaj, A., Hassanien, A.E. (eds.) AFRICACRYPT 2013. LNCS, vol. 7918, pp. 173–188. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38553-7_10
  14. Hülsing, A., Rijneveld, J., Song, F.: Mitigating multi-target attacks in hash-based signatures. In: Cheng, C.-M., Chung, K.-M., Persiano, G., Yang, B.-Y. (eds.) PKC 2016, Part I. LNCS, vol. 9614, pp. 387–416. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49384-7_15
  15. Jakobsson, M., Leighton, T., Micali, S., Szydlo, M.: Fractal Merkle tree representation and traversal. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 314–326. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36563-X_21
  16. Kölbl, S., Lauridsen, M.M., Mendel, F., Rechberger, C.: Haraka v2 - efficient short-input hashing for post-quantum applications. IACR Trans. Symmetric Cryptol. 2016(2), 1–29 (2016)
  17. Merkle, R.C.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, New York (1990). https://doi.org/10.1007/0-387-34805-0_21
  18. Pavlovski, C., Boyd, C.: Efficient batch signature generation using tree structures. In: International Workshop on Cryptographic Techniques and E-Commerce, CrypTEC, vol. 99, pp. 70–77 (1999)
  19. Reyzin, L., Reyzin, N.: Better than BiBa: short one-time signatures with fast signing and verifying. In: Batten, L., Seberry, J. (eds.) ACISP 2002. LNCS, vol. 2384, pp. 144–153. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45450-0_11
  20. Szydlo, M.: Merkle tree traversal in log space and time. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 541–554. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24676-3_32

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. Kudelski Security, Cheseaux-sur-Lausanne, Switzerland
  2. EPFL, Lausanne, Switzerland
