Abstract
Hash-based signatures are gaining attention as one of the alternatives that can replace current digital signatures that are not secure against an attack by quantum computers along with lattice-based signatures, multivariate signatures, and code-based signatures. Up to now, all hash-based signatures have used binary representations to generate signatures. In this paper, we propose using the nonadjacent form (NAF) when generating signatures in hash-based signatures. Concretely, we propose a hash-based signature scheme, WSS-N, which is obtained by applying nonadjacent forms (NAF) to the Winternitz signature scheme. We prove that WSS-N is existentially unforgeable under chosen message attacks in the standard model. And we show that WSS-N needs less hash function calls compared to the Winternitz signature scheme using the binary representation, WSS-B. For a specific parameter with a 256-bit security, we can see that WSS-N generates signatures faster than WSS-B by 8%. Finally, we implement both WSS-N and WSS-B and show that WSS-N generates signatures faster than WSS-B on a desktop computer.
Highlights
Recent research progress on quantum computers has brought postquantum cryptography to the forefront to protect against attacks by quantum computers
We show that WSS-N(1푛, w, m) needs less hash function calls than WSS-B(1푛, w, m) to generate a signature when m ≥ 15w and w ≥ 2
We proposed a hash-based signature using the nonadjacent form (NAF), WSS-N
Summary
Recent research progress on quantum computers has brought postquantum cryptography to the forefront to protect against attacks by quantum computers. While the binary representation has a uniform distribution, the NAF representation has a biased distribution It makes the Winternitz signature scheme require less hash function calls when generating a signature. For a specific parameter with a 256-bit security, the Winternitz signature using the NAF requires 8% less hash function calls ( generates signatures 8% faster) than that using the binary representation. The key generation and signature verification time of the Winternitz signature using the NAF become longer than that using the binary representation.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
