Paper 2021/968

Quantum-Resistance Meets White-Box Cryptography: How to Implement Hash-Based Signatures against White-Box Attackers?

Kemal Bicakci, Informatics Institute, Istanbul Technical University, Istanbul, Türkiye, Securify Information Tech. and Security Training Consulting Ltd., Ankara, Türkiye
Kemal Ulker, Securify Information Tech. and Security Training Consulting Ltd., Ankara, Türkiye, TOBB University of Economics and Technology, Ankara, Türkiye
Yusuf Uzunay, Securify Information Tech. and Security Training Consulting Ltd., Ankara, Türkiye
Halis Taha Şahin, Informatics and Information Security Research Center (BİLGEM), TÜBİTAK, Kocaeli, Türkiye
Muhammed Said Gündoğan, Informatics and Information Security Research Center (BİLGEM), TÜBİTAK, Kocaeli, Türkiye
Abstract

White-box cryptography challenges the assumption that the endpoints are trusted and aims at providing protection against an adversary more powerful than the one in the traditional black-box cryptographic model. Motivated by the fact that most existing white-box implementations focus on symmetric encryption, we present implementations for hash-based signatures so that the security against white-box attackers (who have read-only access to data with a size bounded by a space-hardness parameter M) depends on the availability of a white-box secure cipher (in addition to a general one-way function). We also introduce parameters and key-generation complexity results for a white-box secure instantiation of the stateless hash-based signature scheme SPHINCS+, one of the NIST selections for quantum-resistant digital signature algorithms, and its older version SPHINCS. We also present a hash-tree-based solution for one-time passwords secure in a white-box attacker context. We implement the proposed solutions and share our performance results.

Note: New sections (Section 5: Research Progress in Hash-based Signatures and its White-Box Implications and Section 6: Stateless Constructions) were added. Other parts have also been revised significantly.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint.
Keywords
white-box cryptography, digital signature, white-box signature, quantum-safe signature, hash chain, one-time password, hash tree
Contact author(s)
kemalbicakci @ itu edu tr
kemal lkr @ gmail com
yusuf uzunay @ securify com tr
halis sahin @ tubitak gov tr
said gundogan @ tubitak gov tr
History
2023-07-20: last of 2 revisions
2021-07-22: received
Short URL
https://ia.cr/2021/968
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/968,
      author = {Kemal Bicakci and Kemal Ulker and Yusuf Uzunay and Halis Taha Şahin and Muhammed Said Gündoğan},
      title = {Quantum-Resistance Meets White-Box Cryptography: How to Implement Hash-Based Signatures against White-Box Attackers?},
      howpublished = {Cryptology ePrint Archive, Paper 2021/968},
      year = {2021},
      note = {\url{https://eprint.iacr.org/2021/968}},
      url = {https://eprint.iacr.org/2021/968}
}