Hash-based cryptography, its security and feasibility in modern cryptosystems

Authors

  • Ya.A. Derevianko, JSC "Institute of Information Technologies", Ukraine https://orcid.org/0000-0002-3290-3373
  • Ye.G. Kachko, Kharkiv National University of Radio Electronics, JSC "Institute of Information Technologies", Ukraine https://orcid.org/0000-0001-9249-0497
  • I.D. Gorbenko, V. N. Karazin Kharkiv National University, JSC "Institute of Information Technologies", Ukraine https://orcid.org/0000-0003-4616-3449

DOI:

https://doi.org/10.30837/rt.2023.2.213.01

Keywords:

cryptographic schemes, hash function, SPHINCS scheme, NIST

Abstract

Hash-based signatures are one of the most promising classes of cryptographic schemes considered to be quantum resistant. The strength of the underlying cryptographic hash functions is one of the most important factors in the security of hash-based schemes.

Because classical hash-based signatures must track the number of signatures already issued, they are stateful, and for a long time this was regarded as a limitation. The SPHINCS scheme overcame it and was subsequently refined into SPHINCS+.

The paper assesses the security of electronic signatures (ES) based on hash functions against side-channel attacks. It also analyses the recommendations for using SPHINCS+, one of the hash-based candidates in the NIST competition, and draws conclusions about the feasibility of its use.

Published

2023-06-16

How to Cite

Derevianko, Y., Kachko, Y., & Gorbenko, I. (2023). Hash-based cryptography, its security and feasibility in modern cryptosystems. Radiotekhnika, 2(213), 7–17. https://doi.org/10.30837/rt.2023.2.213.01
