Revision as of 16:00, 8 June 2023 edit Quondum (talk \| contribs) Extended confirmed users 38,883 edits en dashes ← Previous edit		Revision as of 04:13, 5 July 2023 edit undo JCW-CleanerBot (talk \| contribs) Bots 136,797 edits m task, replaced: Advances in Cryptology -- → Advances in Cryptology – Tag: AWB Next edit →
Line 1: '''Hash-based cryptography''' is the generic term for constructions of [[cryptographic primitive]]s based on the security of [[hash function]]s. It is of interest as a type of [[post-quantum cryptography]]. So far, hash-based cryptography is used to construct [[digital signature]]s schemes such as the [[Merkle signature scheme]], zero knowledge and computationally integrity proofs, such as the zk-STARK<ref name="bensasson2018"> [https://eprint.iacr.org/2018/046 Scalable, transparent, and post-quantum secure computational integrity], Ben-Sasson, Eli and Bentov, Iddo and Horesh, Yinon and Riabzev, Michael, 2018 </ref> proof system and range proofs over issued credentials via the HashWires<ref name="kchalkias2021">{{cite journal \|last1=Chalkias \|first1=Konstantinos \|last2=Cohen \|first2=Shir \|last3=Lewi \|first3=Kevin \|last4=Moezinia \|first4=Fredric \|last5=Romailler \|first5=Yolan \|year=2021 \|title=HashWires: Hyperefficient Credential-Based Range Proofs \|url=https://eprint.iacr.org/2021/297 \|journal=Privacy Enhancing Technologies Symposium (PETS) 2021}}</ref> protocol. Hash-based signature schemes combine a one-time signature scheme, such as a [[Lamport signature]], with a [[Merkle tree]] structure. Since a one-time signature scheme key can only sign a single message securely, it is practical to combine many such keys within a single, larger structure. A Merkle tree structure is used to this end. In this hierarchical data structure, a hash function and concatenation are used repeatedly to compute tree nodes. Line 9: == History == [[Leslie Lamport]] invented hash-based signatures in 1979. The XMSS (eXtended Merkle Signature Scheme)<ref name="BuchmannDahmen2011">{{cite journal\|last1=Buchmann\|first1=Johannes\|last2=Dahmen\|first2=Erik\|last3=Hülsing\|first3=Andreas\|title=XMSS – A Practical Forward Secure Signature Scheme Based on Minimal Security Assumptions\|journal=Lecture Notes in Computer Science\|volume=7071\|pages=117–129\|issue=Post-Quantum Cryptography. PQCrypto 2011\|year=2011\|issn=0302-9743\|doi=10.1007/978-3-642-25405-5_8\|citeseerx=10.1.1.400.6086}}</ref> and SPHINCS<ref>{{Cite book\|issue=Advances in Cryptology --– EUROCRYPT 2015\|last1=Bernstein\|first1=Daniel J.\|last2=Hopwood\|first2=Daira\|last3=Hülsing\|first3=Andreas\|last4=Lange\|first4=Tanja\|author4-link=Tanja Lange\|last5=Niederhagen\|first5=Ruben\|last6=Papachristodoulou\|first6=Louiza\|last7=Schneider\|first7=Michael\|last8=Schwabe\|first8=Peter\|last9=Wilcox-O’Hearn\|first9=Zooko\|title=SPHINCS: practical stateless hash-based signatures\|year=2015\|publisher=Springer Berlin Heidelberg\|isbn=9783662467992\|editor-last=Oswald\|editor-first=Elisabeth\|editor-link= Elisabeth Oswald \|series=Lecture Notes in Computer Science\|volume=9056\|pages=368–397\|language=en\|doi=10.1007/978-3-662-46800-5_15\|editor-last2=Fischlin\|editor-first2=Marc\|citeseerx = 10.1.1.690.6403}}</ref><ref>{{cite web\|title=SPHINCS: Introduction\|url=http://sphincs.cr.yp.to/}}</ref> hash-based signature schemes were introduced in 2011 and 2015, respectively. XMSS was developed by a team of researchers under the direction of [[Johannes Buchmann]] and is based both on Merkle's seminal scheme and on the 2007 Generalized Merkle Signature Scheme (GMSS).<ref>{{cite journal\|last1=Buchmann\|first1=Johannes\|last2=Dahmen\|first2=Erik\|last3=Klintsevich\|first3=Elena\|last4=Okeya\|first4=Katsuyuki\|last5=Vuillaume\|first5=Camille\|title=Merkle Signatures with Virtually Unlimited Signature Capacity\|journal=Lecture Notes in Computer Science\|date=2007\|volume=4521\|issue=Applied Cryptography and Network Security\|pages=31–45\|doi=10.1007/978-3-540-72738-5_3\|language=en\|doi-access=free}}</ref> A multi-tree variant of XMSS, XMSS<sup>''MT''</sup>, was described in 2013.<ref>{{cite book\|last1=Hülsing\|first1=Andreas\|last2=Rausch\|first2=Lea\|last3=Buchmann\|first3=Johannes\|title=Optimal Parameters for XMSSMT\|journal=Lecture Notes in Computer Science\|date=2013\|volume=8128\|issue=Security Engineering and Intelligence Informatics\|pages=194–208\|doi=10.1007/978-3-642-40588-4_14\|language=en\|isbn=978-3-642-40587-7}}</ref> == One-time signature schemes ==

Hash-based cryptography: Difference between revisions