CMSS – An Improved Merkle Signature Scheme

International Journal of Cyber-Security and Digital Forensics, 2018

Active work is being done to create and develop quantum computers. Traditional digital signature systems that are used in practice are vulnerable to quantum computers attacks. The security of these systems is based on the problem of factoring large numbers and calculating discrete logarithms. Scientists are working on the development of alternatives to RSA, which are protected from attacks by quantum computer. One of the alternatives are hash based digital signature schemes. In the article hash based one-time signatures are considered, their analysis and comparison are done. It is shown that, using Winternitz one-time signature scheme, the length of the signature and of the keys is substantially reduced. But also this scheme has disadvantages, in the case of generating keys, creating a signature and verifying a signature, one-way function should be used much more times, then in Lamport signature scheme. So, must be paid serious attention at the choice of this function, it should be quickly executed and safe.

Sensors, 2021

As a standard digital signature may be verified by anybody, it is unsuitable for personal or economically sensitive applications. The chameleon signature system was presented by Krawczyk and Rabin as a solution to this problem. It is based on a hash then sign model. The chameleon hash function enables the trapdoor information holder to compute a message digest collision. The holder of a chameleon signature is the recipient of a chameleon signature. He could compute collision on the hash value using the trapdoor information. This keeps the recipient from disclosing his conviction to a third party and ensures the privacy of the signature. The majority of the extant chameleon signature methods are built on the computationally infeasible number theory problems, like integer factorization and discrete log. Unfortunately, the construction of quantum computers would be rendered insecure to those schemes. This creates a solid requirement for construct chameleon signatures for the quantum wo...

Computers, 2024

The distinguishing feature of hash-based algorithms is their high confidence in security. When designing electronic signature schemes, proofs of security reduction to certain properties of cryptographic hash functions are used. This means that if the scheme is compromised, then one of these properties will be violated. It is important to note that the properties of cryptographic hash functions have been studied for many years, but if a specific hash function used in a protocol turns out to be insecure, it can simply be replaced with another one while keeping the overall construction unchanged. This article describes a new post-quantum signature algorithm, Syrga-1, based on a hash function. This algorithm is designed to sign r messages with a single secret key. One of the key primitives of the signature algorithm is a cryptographic hash function. The proposed algorithm uses the HAS01 hashing algorithm developed by researchers from the Information Security Laboratory of the Institute of Information and Computational Technologies. The security and efficiency of the specified hash algorithm have been demonstrated in other articles by its authors. Hash-based signature schemes are attractive as post-quantum signature schemes because their security can be quantified, and their security has been proven.

Information Security and Cryptology, 2021

Group Merkle (GM) (PQCrypto 2018) and Dynamic Group Merkle (DGM) (ESORICS 2019) are recent proposals for post-quantum hash-based group signature schemes. They are designed as generic constructions that employ any stateful Merkle hash-based signature scheme. XMSS-T (PKC 2016, RFC8391) is the latest stateful Merkle hash-based signature scheme where (almost) optimal parameters are provided. In this paper, we show that the setup phase of both GM and DGM does not enable drop-in instantiation by XMSS-T which limits both designs in employing earlier XMSS versions with sub-optimal parameters which negatively affects the performance of both schemes. Thus, we provide a tweak to the setup phase of GM and DGM to overcome this limitation and enable the adoption of XMSS-T. Moreover, we analyze the bit security of DGM when instantiated with XMSS-T and show that it is susceptible to multi-target attacks because of the parallel Signing Merkle Trees (SMT) approach. More precisely, when DGM is used to sign 2 64 messages, its bit security is 44 bits less than that of XMSS-T. Finally, we provide a DGM variant that mitigates multi-target attacks and show that it attains the same bit security as XMSS-T.

In this paper, an efficient arbitrated quantum signature scheme is proposed by combining quantum cryptographic techniques and some ideas in classical cryptography. In the presented scheme, the signatory and the receiver can share a long-term secret key with the arbitrator by utilizing the key together with a random number. While in previous quantum signature schemes, the key shared between the signatory and the arbitrator or between the receiver and the arbitrator could be used only once, and thus each time when a signatory needs to sign, the signatory and the receiver have to obtain a new key shared with the arbitrator through a quantum key distribution protocol. Detailed theoretical analysis shows that the proposed scheme is efficient and provably secure.

Manuscript, 2005

One-time signatures have been known for more than two decades, and have been studied mainly due to their theoretical value. Recent works motivated us to examine the practical use of one-time signatures in high-performance applications. In this paper we describe FMTseq -a signature scheme that merges recent improvements in hash tree traversal into Merkle's one-time signature scheme. Implementation results show that the scheme provides a signature speed of up to 35 times faster than a 2048-bit RSA signature scheme, for about one million signatures, and a signature size of only a few kilobytes. We provide an analysis of practical parameter selection for the scheme, and improvements that can be applied in more specific scenarios.

Lecture Notes in Computer Science, 2008

Digital signatures are one of the most important applications of microprocessor smart cards. The most widely used algorithms for digital signatures, RSA and ECDSA, depend on finite field engines. On 8-bit microprocessors these engines either require costly coprocessors, or the implementations become very large and very slow. Hence the need for better methods is highly visible. One alternative to RSA and ECDSA is the Merkle signature scheme which provides digital signatures using hash functions only, without relying on any number theoretic assumptions. In this paper, we present an implementation of the Merkle signature scheme on an 8-bit smart card microprocessor. Our results show that the Merkle signature scheme provides comparable timings compared to state of the art implementations of RSA and ECDSA, while maintaining a smaller code size.

Engineering, Technology & Applied Science Research

Falcon is an efficient and secure postquantum signature scheme for services based on quantum computing. It employs the hash-and-sign approach in conjunction with the Gentry, Peikert, and Vaikuntanathan (GPV) framework on Number Theory Research Unit (NTRU) lattices. This study evaluated the operation procedure and the capacity to run the Falcon scheme using a key length of 1024 bits on different hardware and software platforms, such as personal computers and Raspberry Pi 4 and Windows, Ubuntu, and Android operating systems. The following results were obtained: file sizes ranged from 30 to 5449268 KB, digital signature times ranged from 50 to 19500ms, and signature verification times ranged from 14 to 19000ms. The results show that the Falcon post-quantum signature scheme works stably and ensures execution speed on different platforms, similar to current digital signature schemes.

2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData)

Inspired by the blockchain architecture and existing Merkle tree based signature schemes, we propose BPQS, an extensible post-quantum (PQ) resistant digital signature scheme best suited to blockchain and distributed ledger technologies (DLTs). One of the unique characteristics of the protocol is that it can take advantage of application-specific chain/graph structures in order to decrease key generation, signing and verification costs as well as signature size. Compared to recent improvements in the field, BPQS outperforms existing hash-based algorithms when a key is reused for reasonable numbers of signatures, while it supports a fallback mechanism to allow for a practically unlimited number of signatures if required. We provide an open source implementation of the scheme and benchmark it.

Lecture Notes in Computer Science, 2006

Merkle Cryptosystem (MC) is the first cryptosystem which introduces general concept of the public key cryptography. In this paper, we propose Improved Merkle Cryptosystem (IMC), which has significant security advantages over both MC and a variant of MC (VMC). In IMC, cryptographic hash functions and a new puzzle structure are used together in order to increase the security of MC and VMC. The key agreement value, which is send as clear text in VMC, is hidden using cryptographic hash function in IMC. Also, in order to increase security of the key agreement value, auxiliary keys are used. Notice that, in IMC, computational advantages of VMC remain unchanged while its security is increased. Utilizing computational advantages of VMC, IMC has also security and storage advantages over original MC. It is shown that, with these improvements, IMC can provide as high security as some wellknown public key cryptosystems while MC and VMC can not provide same security due to performance problems.