Merkle Signatures with Virtually Unlimited Signature Capacity
نویسندگان
چکیده
We propose GMSS, a new variant of the Merkle signature scheme. GMSS is the first Merkle-type signature scheme that allows a cryptographically unlimited (2) number of documents to be signed with one key pair. Compared to recent improvements of the Merkle signature scheme, GMSS reduces the signature size as well as the signature generation cost.
منابع مشابه
On the security and the efficiency of the Merkle signature scheme
This paper builds on the multi-time signature scheme proposed by Merkle. We prove that the original scheme is existentially unforgeable under adaptive chosen message attack. Moreover, we present an improved version which has three advantages: It is provably forward secure. The number of signatures that can be made with one private key is — in a practical sense — unlimited. Finally, the cost for...
متن کاملPost-quantum signatures for today
Digital signatures are essential for the security of computer networks such as the Internet. For example, digital signatures are widely used to ensure the authenticity and integrity of updates for operating systems and other software applications. The security of the few practically used signature schemes is threatened by quantum computers. When large quantum computers are built, all currently ...
متن کاملFast Hash-Based Signatures on Constrained Devices
Digital signatures are one of the most important applications of microprocessor smart cards. The most widely used algorithms for digital signatures, RSA and ECDSA, depend on finite field engines. On 8-bit microprocessors these engines either require costly coprocessors, or the implementations become very large and very slow. Hence the need for better methods is highly visible. One alternative t...
متن کاملEfficient Hash-Based Signatures on Embedded Devices
Authentication and message integrity are essential building blocks for protocols of many security related verification processes like data origin authentication for valid software updates or device authentication. Critical embedded devices like a brake control unit in a car must only accept updates from valid issuers. At the same time it is essential for security and commercial reasons to prove...
متن کاملHigh Performance of Hash-based Signature Schemes
Hash-based signature schemes, whose security is based on properties of the underlying hash functions, are promising candidates to be quantum-safe digital signatures schemes. In this work, we present a software implementation of two recent standard proposals for hash-based signature schemes, Leighton and Micali Signature (LMS) scheme and Extended Merkle Signature Scheme (XMSS), using a set of AV...
متن کامل