Paper 2017/965

WOTS+ -- Shorter Signatures for Hash-Based Signature Schemes

Andreas Hülsing

Abstract

We present WOTS+, a Winternitz type one-time signature scheme (WOTS). We prove that WOTS+ is strongly unforgeable under chosen message attacks in the standard model. Our proof is exact and tight. The first property allows us to compute the security of the scheme for given parameters. The second property allows for shorter signatures than previous proposals without lowering the security. This improvement in signature size directly carries over to all recent hash-based signature schemes. I.e. we can reduce the signature size by more than 50% for XMSS+ at a security level of 80 bits. As the main drawback of hash-based signature schemes is assumed to be the signature size, this is a further step in making hash-based signatures practical.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Minor revision. AFRICACRYPT 2013
DOI
10.1007/978-3-642-38553-7
Keywords
digital signaturesone-time signature schemeshash-based signaturesprovable securityhash functions
Contact author(s)
andreas @ huelsing net
History
2017-10-03: received
Short URL
https://ia.cr/2017/965
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/965,
      author = {Andreas Hülsing},
      title = {WOTS+ -- Shorter Signatures for Hash-Based Signature Schemes},
      howpublished = {Cryptology ePrint Archive, Paper 2017/965},
      year = {2017},
      doi = {10.1007/978-3-642-38553-7},
      note = {\url{https://eprint.iacr.org/2017/965}},
      url = {https://eprint.iacr.org/2017/965}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.