Cryptology ePrint Archive: Report 2017/553

Further Analysis of a Proposed Hash-Based Signature Standard

Scott Fluhrer

Abstract: We analyze the concrete security of a hash-based signature scheme described in the most recent Internet Draft by McGrew, Fluhrer and Curcio. We perform this analysis in the random-oracle model, where the Merkle-Damg\r{a}rd hash compression function is models as the random oracle. We show that, even with a large number of different keys the attacker can choose from, and a huge computational budget, the attacker succeeds in creating a forgery with negligible probability ($< 2^{-129}$).

Category / Keywords: public-key cryptography /

Date: received 6 Jun 2017

Contact author: sfluhrer at cisco com

Available format(s): PDF | BibTeX Citation

Version: 20170608:195413 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]