High Performance of Hash-based Signature Schemes

Ana Karina,Julio L´Opez,Roberto Cabral

doi:10.14569/ijacsa.2017.080358

Ana Karina, Julio L´Opez + Show 1 more

Open Access

https://doi.org/10.14569/ijacsa.2017.080358

Copy DOI

Abstract

Hash-based signature schemes, whose security is based on properties of the underlying hash functions, are promising candidates to be quantum-safe digital signatures schemes. In this work, we present a software implementation of two recent standard proposals for hash-based signature schemes, Leighton and Micali Signature (LMS) scheme and Extended Merkle Signature Scheme (XMSS), using a set of AVX2 instructions on Intel processors. The implementation uses several optimization techniques for speeding up the underlying hash functions SHA2 or SHA3, and other building block functions which lead to high performance for signature operations on both schemes. On an Intel Skylake processor, using a tree of height 60 with 12 layers, the signing operation for XMSS takes 3,841,199 cycles (1,043 signatures per second) at 128-bit security level (against quantum attacks). For an equivalent security, the LMS system computes a signature in 1,307,376 cycles (3,065 signatures per second). We also provide the first comparative performance results for signing and verification of both schemes using different parameters. The results of our implementation indicate that both schemes LMS and XMSS can achieve high performance using vector instructions on modern processors.

Highlights

A digital signature scheme is an important cryptographic tool for public-key cryptography
The emerging transition to post-quantum cryptography requires digital signature schemes that are immune to quantum computers
Hash-based signatures schemes are promising candidates for replacing the current signatures schemes because they do not depend on arithmetic operations such as the problem of factorization of integers

Summary

Introduction

A digital signature scheme is an important cryptographic tool for public-key cryptography. Digital signature scheme are widely used for providing authenticity, integrity, and nonrepudiation of data. The most commonly used digital signature schemes are ECDSA [1], RSA [2] and DSA [3]. These schemes have their security based on the difficulty of factoring large integers or computing discrete logarithms. In [4], Shor introduced a polynomial-time quantum algorithm for factoring and computing discrete logarithms. Digital signature schemes that can resist an attack by quantum computers are an active area of research

Objectives

Results

Conclusion