Abstract
Hash-based signatures are gaining attention as one of the alternatives that can replace current digital signatures that are not secure against an attack by quantum computers along with lattice-based signatures, multivariate signatures, and code-based signatures. Up to now, all hash-based signatures have used binary representations to generate signatures. In this paper, we propose using the nonadjacent form (NAF) when generating signatures in hash-based signatures. Concretely, we propose a hash-based signature scheme, WSS-N, which is obtained by applying nonadjacent forms (NAF) to the Winternitz signature scheme. We prove that WSS-N is existentially unforgeable under chosen message attacks in the standard model. And we show that WSS-N needs less hash function calls compared to the Winternitz signature scheme using the binary representation, WSS-B. For a specific parameter with a 256-bit security, we can see that WSS-N generates signatures faster than WSS-B by 8%. Finally, we implement both WSS-N and WSS-B and show that WSS-N generates signatures faster than WSS-B on a desktop computer.
Highlights
Recent research progress on quantum computers has brought postquantum cryptography to the forefront to protect against attacks by quantum computers
We show that WSS-N(1푛, w, m) needs less hash function calls than WSS-B(1푛, w, m) to generate a signature when m ≥ 15w and w ≥ 2
We proposed a hash-based signature using the nonadjacent form (NAF), WSS-N
Summary
Recent research progress on quantum computers has brought postquantum cryptography to the forefront to protect against attacks by quantum computers. While the binary representation has a uniform distribution, the NAF representation has a biased distribution It makes the Winternitz signature scheme require less hash function calls when generating a signature. For a specific parameter with a 256-bit security, the Winternitz signature using the NAF requires 8% less hash function calls ( generates signatures 8% faster) than that using the binary representation. The key generation and signature verification time of the Winternitz signature using the NAF become longer than that using the binary representation.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have