Practical quantum-computer resistant signature schemes

实用的抗量子计算机签名方案

• 批准号: 251300380
• 负责人: Professor Dr. Johannes Buchmann
• 金额: --
• 依托单位: Fachgebiet Theoretische Informatik - Kryptographie und Computeralgebra
• 依托单位国家: 德国
• 项目类别: Research Grants (Transfer Project)
• 财政年份: 2014
• 资助国家: 德国
• 起止时间: 2013-12-31 至 2019-12-31
• 项目状态: 已结题
• 来源: https://gepris.dfg.de/gepris/projekt/251300380?language=en
• 关键词: Practical; quantum; computer; resistant; signature

Digital signatures are the most popular cryptographic primitives in practice. They guarantee the authenticity of data and documents and allow to determine the origin of data. In practice, three digital signature schemes are used: RSA, DSA, and EC_DSA. If all those methods become insecure, the resulting damage will be immense. This situation will occur if it is possible to construct quantum computers with sufficient capacity. It is therefore important to provide alternative digital signature schemes.In the DFG project "Provably secure, efficient and long-term secure variations of the Merkle signature scheme" (GZ: BU 630/19-1), which is the basis of the present application, the hash-based signature scheme XMSS [BDH11] and its extension XMSSMT were developed. Their security was proven, and their efficiency was demonstrated theoretically and practically.The aim of this project is to make XMSS and XMSSMT usable in practice. This will be done in cooperation with the company genua mbH (IT security products) by achieving the following goals:1. Open-source implementation, including handling the statefulness, parameter selection, and side channel analysis,2. Standardization preparation,3. Integration in communications protocols.In the context of achieving the first objective several open problems are to be solved, which enable the integration in the open source libraries OpenSSL (C/C++) and Bouncy Castle (JAVA), and the integration has to be done. The first problem is how to deal with the statefulness of both schemes, which requires that at any time a consistent state exists, without limiting the performance too much. This is not required by the schemes used today. The second problem is the optimization of parameter sets for different platforms. Namely, the schemes have a plurality of parameters, in contrast to traditional schemes. The third problem is the side-channel analysis, which is required for the implementation to be secure.The preparation of standardization includes a RFC draft and a draft for an ISO standardization. It also includes the presentation and discussion of the drafts in the relevant standardization bodies.As part of the work on the third goal, quantum-computer resistant variants of TLS, SSH and S/MIME are developed. This is achieved by integrating XMSS and XMSSMT. It requires the development of appropriate formats and interfaces as well as an implementation.When the three goals are achieved, XMSS and XMSSMT will be usable for common applications.

数字签名是实践中最常用的密码学原语。它们保证数据和文件的真实性，并允许确定数据的来源。在实践中，使用三种数字签名方案：RSA、DSA和EC_DSA。如果所有这些方法都变得不安全，所造成的损害将是巨大的。如果有可能构建具有足够容量的量子计算机，这种情况就会发生。在DFG项目“Provably secure，efficient and long-term secure variations of the Merkle signature scheme”（GZ：BU 630/19-1）中，开发了基于散列的签名方案XMSS [BDH 11]及其扩展XMSSMT，该方案是本申请的基础。本课题的目的是使XMSS和XMSSMT在实际中得到应用。这将通过与公司genua mbH（IT安全产品）合作实现以下目标：1.开源实现，包括处理状态、参数选择和边通道分析;标准化澄清，3.通信协议的集成。在实现第一个目标的背景下，要解决几个开放的问题，这使得在开源库OpenSSL（C/C++）和Bouncy Castle（JAVA）中的集成成为可能，并且必须完成集成。第一个问题是如何处理这两种方案的状态性，这要求在任何时候都存在一致的状态，而不会过多地限制性能。这不是今天使用的方案所要求的。第二个问题是针对不同平台的参数集的优化。即，与传统方案相比，该方案具有多个参数。第三个问题是侧信道分析，这是实现安全所必需的。标准化的准备包括RFC草案和ISO标准化草案。作为第三个目标工作的一部分，开发了TLS、SSH和S/MIME的量子计算机抵抗变体。这是通过集成XMSS和XMSSMT来实现的。它需要开发适当的格式和接口以及实现。当这三个目标实现时，XMSS和XMSSMT将可用于常见的应用程序。

项目成果

Hash-Based Signatures: State of Play

• DOI: 10.1109/msp.2017.3151334
• 发表时间: 2017-08
• 期刊: IEEE Security & Privacy
• 影响因子: 1.9
• 作者: Denis Butin

Real-World Post-Quantum Digital Signatures

现实世界的后量子数字签名

• DOI: 10.1007/978-3-319-25360-2_4
• 发表时间: 2015
• 作者: Gazdag;Buchmann
• 通讯作者: Buchmann

Post-quantum authentication in OpenSSL with hash-based signatures

OpenSSL 中使用基于哈希的签名进行后量子身份验证

• DOI: 10.23919/icmu.2017.8330093
• 发表时间: 2017
• 期刊: 2017 Tenth International Conference on Mobile Computing and Ubiquitous Network (ICMU)
• 作者: Wälde;Buchmann
• 通讯作者: Buchmann