Skip to main content

Real-World Post-Quantum Digital Signatures

Part of the Communications in Computer and Information Science book series (CCIS,volume 530)

Abstract

Digital signatures are ubiquitous in modern security infrastructures. Their lack of diversity in industrial settings makes most contemporary systems susceptible to quantum computer-aided attacks. Alternatives exist, among which a family of well-understood schemes with minimal security requirements: hash-based signatures. In addition to being quantum-safe, hash-based signatures are modular, providing long-term security. They are not yet being used in practice. We discuss the reasons for this gap between theory and practice and outline a strategy to bridge it. We then detail our work to realise the described plan.

Keywords

  • Authenticity
  • Post-quantum
  • Usability
  • Integration

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-319-25360-2_4
  • Chapter length: 12 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   54.99
Price excludes VAT (USA)
  • ISBN: 978-3-319-25360-2
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   69.99
Price excludes VAT (USA)
Fig. 1.

Notes

  1. 1.

    While the full descriptions of XMSS and its multi-tree variant are provably forward secure [10, 29], this property relies on constructs irrelevant to interoperability. The proposed standardisation of HBS schemes we discuss later therefore does not intrinsically yield forward security, but permits it if the right components (such as a forward secure pseudo-random number generator) are used in its implementation.

  2. 2.

    When using W-OTS+, security requirements are reduced from collision resistance to second preimage resistance.

References

  1. OpenSSL: The Open Source toolkit for SSL/TLS. https://www.openssl.org/

  2. Legion of the Bouncy Castle (2013). https://www.bouncycastle.org/

  3. de Oliveira, A.K.D.S.: An efficient software implementation of XMSS. Presented at LATINCRYPT 2014 (2014)

    Google Scholar 

  4. Bellare, M., Miner, S.K.: A forward-secure digital signature scheme. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, p. 431. Springer, Heidelberg (1999)

    Google Scholar 

  5. Bernstein, D.J., et al.: SPHINCS: practical stateless hash-based signatures. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 368–397. Springer, Heidelberg (2015)

    Google Scholar 

  6. Bertoni, G., Daemen, J., Peeters, M., Assche, G.V.: The Keccak reference (2011). http://keccak.noekeon.org/

  7. Bos, J.W., Costello, C., Naehrig, M., Stebila, D.: Post-quantum key exchange for the TLS protocol from the ring learning with errors problem. IEEE Symposium on Security and Privacy, pp. 553-570 (2015)

    Google Scholar 

  8. Boura, C., Canteaut, A.: Zero-sum distinguishers for iterated permutations and application to Keccak-f and Hamsi-256. In: Biryukov, A., Gong, G., Stinson, D.R. (eds.) SAC 2010. LNCS, vol. 6544, pp. 1–17. Springer, Heidelberg (2011)

    CrossRef  Google Scholar 

  9. Braun, J., Hülsing, A., Wiesmaier, A., Vigil, M.A.G., Buchmann, J.: How to avoid the breakdown of public key infrastructures. In: De Capitani di Vimercati, S., Mitchell, C. (eds.) EuroPKI 2012. LNCS, vol. 7868, pp. 53–68. Springer, Heidelberg (2013)

    CrossRef  Google Scholar 

  10. Buchmann, J., Dahmen, E., Hülsing, A.: XMSS - a practical forward secure signature scheme based on minimal security assumptions. In: Yang, B.-Y. (ed.) PQCrypto 2011. LNCS, vol. 7071, pp. 117–129. Springer, Heidelberg (2011)

    CrossRef  Google Scholar 

  11. Buchmann, J., Dahmen, E., Klintsevich, E., Okeya, K., Vuillaume, C.: Merkle signatures with virtually unlimited signature capacity. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 31–45. Springer, Heidelberg (2007)

    CrossRef  Google Scholar 

  12. Buchmann, J., García, L.C.C., Dahmen, E., Döring, M., Klintsevich, E.: CMSS – an improved Merkle signature scheme. In: Barua, R., Lange, T. (eds.) INDOCRYPT 2006. LNCS, vol. 4329, pp. 349–363. Springer, Heidelberg (2006)

    CrossRef  Google Scholar 

  13. Courtois, N.T., Finiasz, M., Sendrier, N.: How to achieve a McEliece-based digital signature scheme. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, p. 157. Springer, Heidelberg (2001)

    CrossRef  Google Scholar 

  14. DeAngelis, S.F.: Closing In On Quantum Computing. Wired (2014)

    Google Scholar 

  15. Ding, J., Schmidt, D.: Rainbow, a new multivariable polynomial signature scheme. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 164–175. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

  16. Dods, C., Smart, N.P., Stam, M.: Hash based digital signature schemes. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 96–115. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

  17. Duc, A., Guo, J., Peyrin, T., Wei, L.: Unaligned rebound attack: application to Keccak. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 402–421. Springer, Heidelberg (2012)

    CrossRef  Google Scholar 

  18. Ducas, L., Durmus, A., Lepoint, T., Lyubashevsky, V.: Lattice signatures and bimodal gaussians. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 40–56. Springer, Heidelberg (2013)

    CrossRef  Google Scholar 

  19. El Gamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 10–18. Springer, Heidelberg (1985)

    CrossRef  Google Scholar 

  20. ETSI: White paper: Quantum Safe Cryptography and Security; An introduction, benefits, enablers and challenges. http://docbox.etsi.org/Workshop/2014/201410_CRYPTO/Quantum_Safe_Whitepaper_1_0_0.pdf (2014)

  21. Gazdag, S., Butin, D.: Practical Hash-based Signatures (Quantencomputer-resistente Signaturverfahren für die Praxis) (2014). http://square-up.org/

  22. Google: BoringSSL (2014). https://boringssl.googlesource.com/boringssl/

  23. Grover, L.K.: A fast quantum mechanical algorithm for database search. In: Symposium on Theory of Computing (STOC), pp. 212–219. ACM (1996)

    Google Scholar 

  24. Housley, R.: Use of the hash-based Merkle tree signature (MTS) algorithm in the cryptographic message syntax (CMS). IETF (2015) (Internet-Draft )

    Google Scholar 

  25. Hülsing, A.: Practical Forward Secure Signatures using Minimal Security Assumptions. Ph.D. thesis, Technische Universität Darmstadt (2013)

    Google Scholar 

  26. Hülsing, A.: W-OTS+ – shorter signatures for hash-based signature schemes. In: Youssef, A., Nitaj, A., Hassanien, A.E. (eds.) AFRICACRYPT 2013. LNCS, vol. 7918, pp. 173–188. Springer, Heidelberg (2013)

    CrossRef  Google Scholar 

  27. Hülsing, A., Busold, C., Buchmann, J.: Forward secure signatures on smart cards. In: Knudsen, L.R., Wu, H. (eds.) SAC 2012. LNCS, vol. 7707, pp. 66–80. Springer, Heidelberg (2013)

    CrossRef  Google Scholar 

  28. Hülsing, A., Butin, D., Gazdag, S.L., Mohaisen, A.: XMSS: Extended Hash-Based Signatures. IETF (2015) (Internet-Draft)

    Google Scholar 

  29. Hülsing, A., Rausch, L., Buchmann, J.: Optimal parameters for XMSS\(^{MT}\). In: Cuzzocrea, A., Kittl, C., Simos, D.E., Weippl, E., Xu, L. (eds.) CD-ARES Workshops 2013. LNCS, vol. 8128, pp. 194–208. Springer, Heidelberg (2013)

    CrossRef  Google Scholar 

  30. IBM: IBM ILOG CPLEX Optimizer. http://www-01.ibm.com/software/commerce/optimization/cplex-optimizer/index.html

  31. Johnson, D., Menezes, A., Vanstone, S.: The elliptic curve digital signature algorithm (ECDSA). Int. J. Inf. Secur. 1(1), 36–63 (2001)

    CrossRef  Google Scholar 

  32. Lamport, L.: Constructing Digital Signatures from a One Way Function. Technical report, SRI International Computer Science Laboratory (1979)

    Google Scholar 

  33. Lenstra, A.K., Verheul, E.R.: Selecting cryptographic key sizes. J. Crypt. 14(4), 255–293 (2001)

    MathSciNet  CrossRef  MATH  Google Scholar 

  34. McGrew, D., Curcio, M.: Hash-Based Signatures. IETF (2014) (Internet-Draft)

    Google Scholar 

  35. Merkle, R.C.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, Heidelberg (1990)

    Google Scholar 

  36. National Institute of Standards and Technology: FIPS PUB 186–4: Digital Signature Standard (DSS). National Institute for Standards and Technology (2013). http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf

  37. Nguyen, P.Q., Regev, O.: Learning a parallelepiped: cryptanalysis of GGH and NTRU signatures. J. Crypt. 22(2), 139–160 (2009)

    MathSciNet  CrossRef  MATH  Google Scholar 

  38. OpenBSD: LibreSSL (2014). http://www.libressl.org/

  39. OpenSSL Security Advisory: SSL/TLS MITM vulnerability (CVE-2014-0224) (2014). https://www.openssl.org/news/secadv_20140605.txt

  40. OpenSSL Security Advisory: TLS heartbeat read overrun (CVE-2014-0160) (2014). https://www.openssl.org/news/secadv/20140407.txt

  41. Pop, I.M., Geerlings, K., Catelani, G., Schoelkopf, R.J., Glazman, L.I., Devoret, M.H.: Coherent suppression of electromagnetic dissipation due to superconducting quasiparticles. Nat. 508(7496), 369–372 (2014)

    CrossRef  Google Scholar 

  42. Rich, S., Gellman, B.: NSA seeks to build quantum computer that could crack most types of encryption. The Washington Post (2014)

    Google Scholar 

  43. Rivest, R., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21, 120–126 (1978)

    MathSciNet  CrossRef  MATH  Google Scholar 

  44. Saeedi, K., et al.: Room-temperature quantum bit storage exceeding 39 minutes using ionized donors in silicon-28. Sci. 342(6160), 830–833 (2013)

    CrossRef  Google Scholar 

  45. Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26(5), 1484–1509 (1997)

    MathSciNet  CrossRef  MATH  Google Scholar 

  46. TU Darmstadt: FlexiProvider, an open source Java Cryptographic Service Provider (2006). http://www.flexiprovider.de/javadoc/flexiprovider/docs/de/flexiprovider/pqc/hbc/gmss/package-summary.html

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Denis Butin .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Butin, D., Gazdag, SL., Buchmann, J. (2015). Real-World Post-Quantum Digital Signatures. In: Cleary, F., Felici, M. (eds) Cyber Security and Privacy. CSP 2015. Communications in Computer and Information Science, vol 530. Springer, Cham. https://doi.org/10.1007/978-3-319-25360-2_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-25360-2_4

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-25359-6

  • Online ISBN: 978-3-319-25360-2

  • eBook Packages: Computer ScienceComputer Science (R0)