Faster Hash-Based Signatures with Bounded Leakage

Authors

  • Thomas Eisenbarth
  • Ingo von Maurich
  • Xin Ye
Abstract

Digital signatures have become a key component of many embedded system solutions and are facing strong security and efficiency requirements. At the same time side-channel resistance is essential for a signature scheme to be accepted in real-world applications. Based on the Merkle signature scheme and Winternitz one-time signatures we propose a signature scheme with bounded side-channel leakage that is secure in a post-quantum setting. Novel algorithmic improvements for the authentication path computation bound side-channel leakage and improve the average signature computation time by close to 50 % when compared to state-of-the-art algorithms. The proposed scheme is implemented on an Intel Core i7 CPU and an AVR ATxmega microcontroller with carefully optimized versions for the respective target platform. The theoretical algorithmic improvements are verified in the implementations and cryptographic hardware accelerators are used to achieve competitive performance.


Related articles

Short signature from factoring assumption in the standard model

Programmable hash functions (PHFs) are a new cryptographic primitive, which can mimic certain programmability properties of random oracles. Due to these properties, PHFs are very useful to construct short signatures in standard models. Based on (m,1)-PHF, we propose an efficient construction of short signature from factoring problem. Our signature doesn’t require the generation of primes at sign...


Bounded Fully Homomorphic Signature Schemes

Homomorphic signatures enable anyone to publicly perform computations on signed data and produce a compact tag to authenticate the results. In this paper, we construct two bounded fully homomorphic signature schemes, as follows. – For any two polynomials d = d(λ), s = s(λ), where λ is the security parameter. Our first scheme is able to evaluate any circuit on the signatures, as long as the dept...


Public-Key Encryption in the Bounded-Retrieval Model

We construct the first public-key encryption scheme in the Bounded-Retrieval Model (BRM), providing security against various forms of adversarial “key leakage” attacks. In this model, the adversary is allowed to learn arbitrary information about the decryption key, subject only to the constraint that the overall amount of “leakage” is bounded by at most ℓ bits. The goal of the BRM is to design ...


State Management for Hash-Based Signatures

The unavoidable transition to post-quantum cryptography requires mature quantum-safe digital signature schemes. Hash-based signatures are well-understood and promising candidates. A common concern regarding their deployment is their statefulness, due to their use of one-time signature schemes. While the theory of hash-based signatures is mature, a complete understanding of the system security i...


Leakage-Resilient Public-Key Encryption from Obfuscation

The literature on leakage-resilient cryptography contains various leakage models that provide different levels of security. In this work, we consider the bounded leakage and the continual leakage models. In the bounded leakage model (Akavia et al. – TCC 2009), it is assumed that there is a fixed upper bound L on the number of bits the attacker may leak on the secret key in the entire lifetime o...



Publication date: 2013