XMSS-based Chain of Trust

Soundes Marzougui, Jean-Pierre Seifert
{"title":"XMSS-based Chain of Trust","authors":"Soundes Marzougui, Jean-Pierre Seifert","doi":"10.29007/2fv1","DOIUrl":null,"url":null,"abstract":"Given that large-scale quantum computers can eventually compute discrete logarithm and integer factorization in polynomial time [44], all asymmetric cryptographic schemes will break down. Hence, replacing them becomes mandatory. For this purpose, the Na- tional Institute of Standards and Technology (NIST) initiated a standardization process for post-quantum schemes. These schemes are supposed to substitute classical cryptography in different use-cases, such as client-server authentication during the TLS handshake. How- ever, their signatures, public key sizes, and signature verification time impose difficulty, especially for resource-constrained devices. In this paper, we improve the TLS hand- shake performance relying on post-quantum signatures by combining the XMSS and the Dilithium signature schemes along the chain of certificates. We provide proof-of-concept implementation of our solution by integrating the two signature schemes in the WolfSSL library. Moreover, we evaluate the performance of our solution and establish that it re- duces the signature verification time considerably and minimizes the size of the chain of trust. We provide a security proof of the proposed chain of trust which is relies on the security of the XMSS scheme.","PeriodicalId":93549,"journal":{"name":"EPiC series in computing","volume":"1 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2021-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"EPiC series in computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.29007/2fv1","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

Given that large-scale quantum computers can eventually compute discrete logarithm and integer factorization in polynomial time [44], all asymmetric cryptographic schemes will break down. Hence, replacing them becomes mandatory. For this purpose, the Na- tional Institute of Standards and Technology (NIST) initiated a standardization process for post-quantum schemes. These schemes are supposed to substitute classical cryptography in different use-cases, such as client-server authentication during the TLS handshake. How- ever, their signatures, public key sizes, and signature verification time impose difficulty, especially for resource-constrained devices. In this paper, we improve the TLS hand- shake performance relying on post-quantum signatures by combining the XMSS and the Dilithium signature schemes along the chain of certificates. We provide proof-of-concept implementation of our solution by integrating the two signature schemes in the WolfSSL library. Moreover, we evaluate the performance of our solution and establish that it re- duces the signature verification time considerably and minimizes the size of the chain of trust. We provide a security proof of the proposed chain of trust which is relies on the security of the XMSS scheme.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
基于xmlss的信任链
考虑到大规模量子计算机最终可以在多项式时间[44]内计算离散对数和整数分解,所有非对称密码方案都将崩溃。因此,必须更换它们。为此,国家标准与技术研究所(NIST)启动了后量子方案的标准化过程。这些方案应该在不同的用例中替代经典加密,例如在TLS握手期间的客户机-服务器身份验证。然而,它们的签名、公钥大小和签名验证时间带来了困难,特别是对于资源受限的设备。本文通过在证书链上结合XMSS和Dilithium签名方案,改进了依赖后量子签名的TLS握手性能。我们通过在WolfSSL库中集成两个签名方案来提供我们解决方案的概念验证实现。此外,我们评估了我们的解决方案的性能,并确定它大大减少了签名验证时间,并最小化了信任链的大小。我们提供了基于XMSS方案安全性的信任链的安全性证明。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
CiteScore
1.60
自引率
0.00%
发文量
0
期刊最新文献
ARCH-COMP23 Category Report: Hybrid Systems Theorem Proving ARCH-COMP23 Category Report: Continuous and Hybrid Systems with Linear Continuous Dynamics ARCH-COMP23 Category Report: Continuous and Hybrid Systems with Nonlinear Dynamics ARCH-COMP23 Repeatability Evaluation Report ARCH-COMP23 Category Report: Artificial Intelligence and Neural Network Control Systems (AINNCS) for Continuous and Hybrid Systems Plants
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1