long term secure signatures
play

Long-term secure signatures for the IoT Andreas Hlsing Hash-based - PowerPoint PPT Presentation

Aug 22, 2023 •150 likes •285 views

Long-term secure signatures for the IoT Andreas Hlsing Hash-based Signature Schemes [Mer89] Long-term secure Only needs secure hash function Post-quantum Possibility of hash combiners IoT compatible? Only needs secure hash

  1. Long-term secure signatures for the IoT Andreas Hülsing

  2. Hash-based Signature Schemes [Mer89] Long-term secure • Only needs secure hash function • Post-quantum • Possibility of hash combiners IoT compatible? • Only needs secure hash function

  3. Lamport-Diffie OTS [Lam79] Message M = b1,…, bm, OWF H = n bit * SK sk 1,0 sk 1,1 sk m,0 sk m,1 H H H H H H PK pk 1,0 pk 1,1 pk m,0 pk m,1 b1 Mux b2 Mux bm Mux Sig sk 1,b1 sk m,bm 6-11-2017 PAGE 3

  4. One-time signatures • Can only be used once • Basic building block • Secret keys can be generated pseudorandomly WOTS + [Hue13] • Shorter signatures • Size-speed trade-off

  5. Chain-based OTS H H H H H H H PK OTS OTS OTS OTS OTS OTS OTS SK

  6. Chain-based OTS [NY89] • Extremely fast signing via „ pebbeling “ • Extremely fast verification of sequential signatures • Small keys • Small sigs (for sequential signatures) • Extremely useful in combination with aggregator • Stateful See e.g. Dahmen, Krauss. Short Hash-Based Signatures for Wireless Sensor Networks. CANS 2009.

  7. Merkle’s signature scheme PK SIG = ( i=2 , , , , , ) H H H OTS H H H H H H H H H H H H OTS OTS OTS OTS OTS OTS OTS OTS SK 6-11-2017 PAGE 7

  8. Merkle‘s signature scheme • Fast signing via „tree traversal algorithms“ • Extremely fast verification • Small keys • Medium size sigs • Stateful Latest: XMSS-T (Hülsing, Rijneveld, Song. Mitigating Multi-Target Attacks in Hash-based Signatures . PKC ‘16)

  9. Multi-Tree XMSS [MMM02] Uses multiple layers of trees -> Key generation (= Building first tree on each layer) Θ ( 2 h ) → Θ ( d* 2 h/d ) -> Allows to reduce worst-case signing times Θ ( h/2 ) → Θ ( h/2d )

  10. SPHINCS [BHH + 15] • Stateless Scheme • XMSS MT + HORST + (pseudo-)random index • Collision-resilient • Deterministic signing • SPHINCS-256: • 128-bit post-quantum secure • Hundrest of signatures / sec • 41 kb signature • 1 kb keys

  11. Performance on small devices • STM32L100C development board: Cortex M3, 32MHz, 32-bit architecture, 256KB Flash, 16KB RAM KeyGen Sign Verify XMSS MT 278.80s 0.61s 0.16s SPHINCS 0.88s 18.41s 0.51s • Issue: SPHINCS sigs (41KB) don‘t fit single APDU

  12. Future • XMSS Internet Draft in IRSG poll • At least two SPHINCS submissions for NIST • Faster / smaller signatures • Several works on dedicated hash functions (Haraka, Siempira)

  13. Thank you! Questions? 9-10-2017 PAGE 13

Recommend

Introduction to the West Midlands Combined Authority Aims Secure long term investment rather

Introduction to the West Midlands Combined Authority Aims Secure long term investment rather

Introduction to the West Midlands Combined Authority Aims Secure long term investment rather than short term budget allocations to stimulate economic growth for the region Tackle the long term challenges faced by all local authorities and

498 views • 17 slides
Digital Signatures for e-Government Challenges a Long-Term Security Architecture Mediated

Digital Signatures for e-Government Challenges a Long-Term Security Architecture Mediated

Signatures for e-Government Ba skiewicz, Kubiak, Kutyowski Digital Signatures for e-Government Challenges a Long-Term Security Architecture Mediated RSA Floating exponents Strong mRSA Przemysaw Ba skiewicz, Przemysaw

580 views • 20 slides
Long term Sec rit Long-term Security through g Quantum Cryptography D Dominique Unruh i i U

Long term Sec rit Long-term Security through g Quantum Cryptography D Dominique Unruh i i U

Long term Sec rit Long-term Security through g Quantum Cryptography D Dominique Unruh i i U h University of Tartu EWSCS 2011 March 2, 2011 Dominique Unruh Dominique Unruh Recall Recall Long term security: Protocol is secure if L

786 views • 25 slides
RSA-PSS Provable Secure RSA Signatures and their Implementation Overview What is RSA-PSS?

RSA-PSS Provable Secure RSA Signatures and their Implementation Overview What is RSA-PSS?

RSA-PSS Provable Secure RSA Signatures and their Implementation Overview What is RSA-PSS? Why RSA-PSS? Comparing original and standardized PSS Status of Protocols, Standards and Imple- mentations RSA-PSS in X.509

718 views • 19 slides
COMPLETE INVENTORY CONTROL SOLUTIONS WHY INVENTORY SOLUTIONS? Secure long-term contracts

COMPLETE INVENTORY CONTROL SOLUTIONS WHY INVENTORY SOLUTIONS? Secure long-term contracts

COMPLETE INVENTORY CONTROL SOLUTIONS WHY INVENTORY SOLUTIONS? Secure long-term contracts Add Value to your Proposition Promote Partnership Grow business in existing accounts Better service your accounts Get your foot in the

706 views • 58 slides
Tightly Secure Signatures and Public-Key Encryp8on Dennis

Tightly Secure Signatures and Public-Key Encryp8on Dennis

Tightly Secure Signatures and Public-Key Encryp8on Dennis Ho<einz and Tibor Jager Karlsruhe Ins,tute of Technology CRYPTO 2012 1 Tight

477 views • 15 slides
The signatures of long-lived spirals in disk galaxies The signatures of long-lived spirals in disk

The signatures of long-lived spirals in disk galaxies The signatures of long-lived spirals in disk

South Korea 2013 The signatures of long-lived spirals in disk galaxies The signatures of long-lived spirals in disk galaxies The signatures of long-lived spirals in disk galaxies The signatures of long-lived spirals in disk galaxies Eric E.

719 views • 43 slides
Tightly-Secure Signatures from Chameleon Hash Functions NIST, Maryland , PKC 2015 Olivier Blazy 1

Tightly-Secure Signatures from Chameleon Hash Functions NIST, Maryland , PKC 2015 Olivier Blazy 1

Tightly-Secure Signatures from Chameleon Hash Functions NIST, Maryland , PKC 2015 Olivier Blazy 1 , Saqib A. Kakvi 2 , Eike Kiltz 2 , Jiaxin Pan 2 1 University of Limoges, France 2 Ruhr University Bochum, Germany Keywords 1. Signatures 2. Tight

725 views • 44 slides
South Burlington School District Proposed Long-Term Bond Why issue a long term bond? Entities

South Burlington School District Proposed Long-Term Bond Why issue a long term bond? Entities

South Burlington School District Proposed Long-Term Bond Why issue a long term bond? Entities issue long-term bonds to finance long-term infrastructure assets with extended lives. The large dollar cost of these projects can be difficult to

776 views • 16 slides
Long-Term Stewardship of Three Evapotranspirative Covers, 15 years Sue Collins, Long-Term

Long-Term Stewardship of Three Evapotranspirative Covers, 15 years Sue Collins, Long-Term

August 20 23, 2018 Grand Junction, Colorado 2018 Long-Term Stewardship Conference Long-Term Stewardship of Three Evapotranspirative Covers, 15 years Sue Collins, Long-Term Stewardship Program Lead Sandia National Laboratories Track 2.2:

344 views • 17 slides
Long term test of LED Long term test of LED pulsing pulsing Long time LED system stability

Long term test of LED Long term test of LED pulsing pulsing Long time LED system stability

Long term test of LED Long term test of LED pulsing pulsing Long time LED system stability measurement Aging of part of optical system Future plans Jaroslav Zalesak, Jan Smolik Institute of Physics ASCR, Prague Sep 13, 2007 CALICE

298 views • 11 slides
Digital Signatures Dennis Hofheinz (slides based on slides by Bjrn Kaidel) Digital Signatures

Digital Signatures Dennis Hofheinz (slides based on slides by Bjrn Kaidel) Digital Signatures

Digital Signatures Dennis Hofheinz (slides based on slides by Bjrn Kaidel) Digital Signatures 2020-03-03 1 Outline Why assumptions? Efficient one-time signatures Digital Signatures 2020-03-03 2 Recap: Lamport EUF-1-CMA secure

1.14k views • 37 slides
Secure Income REIT Plc 9 March 2018 www.SecureIncomeREIT.co.uk Secure Income REIT Plc is a

Secure Income REIT Plc 9 March 2018 www.SecureIncomeREIT.co.uk Secure Income REIT Plc is a

Secure Income REIT Plc 9 March 2018 www.SecureIncomeREIT.co.uk Secure Income REIT Plc is a specialist UK REIT, selectively investing in key operating real estate assets in defensive sectors that provide long term rental income with inflation

822 views • 60 slides
The Future of Long Term Care in Ontario Adrienne Palmer Ontario Long Term Care Association LTC

The Future of Long Term Care in Ontario Adrienne Palmer Ontario Long Term Care Association LTC

The Future of Long Term Care in Ontario Adrienne Palmer Ontario Long Term Care Association LTC Transformation in Ontario March 2012 Why Not Now? LTC Innovation Report July 2010 released Long Term May 2008 Shirlee Sharkeys

352 views • 16 slides
GFDR 2015 Lo Long-term Finance Cha hapt pter 3: Th The Use of Markets for Long ng-term

GFDR 2015 Lo Long-term Finance Cha hapt pter 3: Th The Use of Markets for Long ng-term

GFDR 2015 Lo Long-term Finance Cha hapt pter 3: Th The Use of Markets for Long ng-term Fina nanc nce GFDR SEMINAR SERIES FEBRUARY 24, 2015 Introduction Lack of long-termfinance: importantand challenging concernin many countries

1.04k views • 57 slides
Antithrombotic Therapy for Long-Term Secondary Prevention Considerations for Long-Term DAPT

Antithrombotic Therapy for Long-Term Secondary Prevention Considerations for Long-Term DAPT

Antithrombotic Therapy for Long-Term Secondary Prevention Considerations for Long-Term DAPT Marc P. Bonaca, MD, MPH Vascular Section, Cardiovascular Division Investigator TIMI Study Group Brigham and Womens Hospital Assistant Professor,

774 views • 60 slides
Long-term Osteoporosis Therapy What To Do After 5 Years? Developing a Long-term Management Plan

Long-term Osteoporosis Therapy What To Do After 5 Years? Developing a Long-term Management Plan

Long-term Osteoporosis Therapy What To Do After 5 Years? Developing a Long-term Management Plan North American Menopause Society Philadelphia, PA October 11, 2017 Michael R. McClung, MD, FACP Institute for Health and Ageing, Australian

559 views • 35 slides
Long-term Market Analysis 2018-40 About this years Long-term Market Analysis (LMA) Why LMA?

Long-term Market Analysis 2018-40 About this years Long-term Market Analysis (LMA) Why LMA?

Long-term Market Analysis 2018-40 About this years Long-term Market Analysis (LMA) Why LMA? Understand and quantify long term development Understand challenges and opportunities early better decisions Support for Network

1.23k views • 41 slides
Signatures Lecture 22 Signatures Signatures Signatures with various functionality/properties

Signatures Lecture 22 Signatures Signatures Signatures with various functionality/properties

Signatures Lecture 22 Signatures Signatures Signatures with various functionality/properties Signatures Signatures with various functionality/properties Constructions come in different flavors (well sample each flavor): Signatures

1.55k views • 131 slides
Managed Long Term Care Managed Long Term Care Informational Materials f B Brenda Rivera d Ri

Managed Long Term Care Managed Long Term Care Informational Materials f B Brenda Rivera d Ri

Managed Long Term Care Managed Long Term Care Informational Materials f B Brenda Rivera d Ri Senior Communications Manager N New York Medicaid Choice Program Y k M di id Ch i P MAXIMUS February 9, 2012 1 Managed Long Term Care

323 views • 8 slides
Delivering the NHS Long Term Plan in and across south east London Welcome and in

Delivering the NHS Long Term Plan in and across south east London Welcome and in

Delivering the NHS Long Term Plan in and across south east London Welcome and in introduction to Long Term Plan The NHS Long Term Plan Published in January 2019 Aims to make the NHS fit for the future, providing high quality care

291 views • 18 slides
Vapor Intrusion Exposure: Long-Term Evidence-Based Protection & Sustainability: Long-Term

Vapor Intrusion Exposure: Long-Term Evidence-Based Protection & Sustainability: Long-Term

AEHS 25 th Annual International Conference on Soil, Water, Energy, and Air : Vapor Intrusion Exposure: Long-Term Evidence-Based Protection & Sustainability: Long-Term Stewardship Survey of LTS Programs March 24, 2015, Workshop 1: EPA

166 views • 15 slides
Secure, Archival Storage With POTSHARDS Mark W. Storer Kevin M. Greenan Ethan L. Miller

Secure, Archival Storage With POTSHARDS Mark W. Storer Kevin M. Greenan Ethan L. Miller

Secure, Archival Storage With POTSHARDS Mark W. Storer Kevin M. Greenan Ethan L. Miller Kaladhar Voruganti FAST WIP Session February 14, 2007 Problem: Long-Term Encryption Keys may be lost Effectively short-term data deletion

311 views • 6 slides
Return To Office Strategy Short-Term Strategy Mid-Term Strategy - Remote Work Long-Term

Return To Office Strategy Short-Term Strategy Mid-Term Strategy - Remote Work Long-Term

People Place Technology Return To Office Strategy Short-Term Strategy Mid-Term Strategy - Remote Work Long-Term Strategy Enhancement and - Temporary Changes Enablement - Reduce Seating Capacity - Priority-Driven Long- - Leverage

251 views • 4 slides

More recommend