Cryptology ePrint Archive: Report 2017/965

WOTS+ -- Shorter Signatures for Hash-Based Signature Schemes

Andreas Hülsing

Abstract: We present WOTS+, a Winternitz type one-time signature scheme (WOTS). We prove that WOTS+ is strongly unforgeable under chosen message attacks in the standard model. Our proof is exact and tight. The first property allows us to compute the security of the scheme for given parameters. The second property allows for shorter signatures than previous proposals without lowering the security. This improvement in signature size directly carries over to all recent hash-based signature schemes. I.e. we can reduce the signature size by more than 50% for XMSS+ at a security level of 80 bits. As the main drawback of hash-based signature schemes is assumed to be the signature size, this is a further step in making hash-based signatures practical.

Category / Keywords: public-key cryptography / digital signatures, one-time signature schemes, hash-based signatures, provable security, hash functions

Original Publication (with minor differences): AFRICACRYPT 2013

Date: received 28 Sep 2017

Contact author: andreas at huelsing net

Available format(s): PDF | BibTeX Citation

Version: 20171003:171959 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]