Lamport n-time signature scheme

Abstract

Recently, there have been numerous advances in the quantum computing area in research laboratories of companies such as IBM, Google, Microsoft, and so on. As a consequence, the cryptography community started to focus their attention on cryptographic primitives which have the potential of remaining secure on quantum computers. One of the most researched cryptographic primitives are the signature schemes especially because of the emergence and raise in popularity of the cryptocurrencies. Currently, safe signature schemes are very important in keeping safe fortunes in the form of crypto tokens. One of the signature schemes resistant against quantum computers is the Lamport one-time signature scheme. As the name suggests, its main drawback is that a private key can only be used to safely sign a single message. In this paper, we propose the Lamport n-time signature scheme, which is an extension of the Lamport one-time signature scheme and allows for a private key to be used to safely encrypt n messages with a shorter signature, but with an increase in the size of the private and public keys. Specifically, instead of signing each value of each bit, as in the standard Lamport one-time signature scheme, we sign each value of each block of log 2 (n + 1) bits interpreted as an integer. In the Lamport one-time signature scheme, a signature discloses one out of two private key components for each bit, while in the Lamport n-time signature scheme, a signature discloses one out of n+1 private key components for each block of bits of length log 2 (n + 1). This means that an attacker needs n+1 chosen messages in order to uncover the entire private key for the Lamport n-time signature scheme as opposed to 2 chosen messages needed to uncover the entire private key for the Lamport one-time signature scheme.