EBiBa: A Post-Quantum Hash-Based Signature With Small Signature Size in the Continuous Communication of Large-Scale Data

Abstract

Abstract We present eBiBa (enhanced BiBa), a hash-based signature scheme with the smallest possible signature size, while ensuring high feasibility and security in a specific application model. Our scheme is tailored to address the communication requirement of a large-scale public data stream continuously disseminated between two participants while ensuring data source and data integrity authentication. To achieve these goals, firstly, we optimized the classical hash tree mode into a hybrid mode to efficiently perform public key authentication and eliminate the need for an authenticated channel to transmit large amounts of data, unlike the initial BiBa-based broadcast authentication protocol. Secondly, we employed a specific tweakable hash chain function to digest a batch of messages, reducing the required conditions for post-quantum existential unforgeability under adaptive chosen message attack (EUCMA) of eBiBa to a second-pre-image-resistance-like property instead of collision resistance. This results in reduced pre-computation in both key and signature generations. Thirdly, we utilized a forward-secure pseudorandom function to achieve forward-secure of the proposed scheme. Finally, we minimize the signature size through a series of procedures. Firstly, we select BiBa few-time signature as the underlying signature scheme since it is currently the few-time hash-based signature with the smallest signature size that we are aware of; in addition, the hybrid approach we employed can also significantly reduce the signature size compared to using a hash tree solely; for the hash tree structure, we design a specific authentication path in combination with the related communication model to further minimize the signature size; finally, we optimize the authentication approach to achieve the minimum signature size in a single transmission. Our construction minimizes the signature size in the aforementioned model, achieving a compression rate of 0.017 to 0.828 based on distinct values of parameters, as compared to XMSS-256. We also demonstrated that eBiBa can achieve post-quantum forward-secure and EUCMA security.