A study on fitting SPHINCS+ to blockchain usage

  • Antônio Unias de Lucena UNICAMP
  • Marco Aurélio Amaral Henriques UNICAMP

Resumo

The advent of a large-scale quantum computer will make insecure the current leading blockchains' digital signature schemes. Among the quantum-resistant options for signature schemes, SPHINCS+ stands out due to its security (based solely on hash functions) and due to being stateless. However, when used in a blockchain environment, its signature size considerably reduces the number of transactions stored per block, impacting the blockchain operation and economics. This paper presents a study on fitting SPHINCS+ to blockchain usage. The results show that, without compromising the security, a careful choice of SPHINCS+ parameters can reduce both the signature size and the signature creation time, since the maximum number of signatures supported by a given key is limited to 16 million, a number considered more than sufficient for a blockchain environment.

Referências

Aumasson, J.-P. and Endignoux, G. (2017). Gravity-SPHINCS. Submission to the NIST Post-Quantum Cryptography Standardization Project (2017).

Bernstein, D. J., Dobraunig, C., Eichlseder, M., Fluhrer, S., Gazdag, S.-L., Hülsing, A., Kampanakis, P., Kölbl, S., Lange, T., Lauridsen, M. M., et al. (2017). Sphincs+– submission to the nist post-quantum project. Submission to NIST.

Bernstein, D. J., Hopwood, D., Hülsing, A., Lange, T., Niederhagen, R., Papachristodoulou, L., Schneider, M., Schwabe, P., and Wilcox-O’Hearn, Z. (2015). SPHINCS: practical stateless hash-based signatures. In Annual International Conference on the Theory and Applications of Cryptographic Techniques, pages 368–397. Springer.

Bernstein, D. J., Hülsing, A., Kölbl, S., Niederhagen, R., Rijneveld, J., and Schwabe, P. (2019). The sphincs+ signature framework. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pages 2129–2146.

Buchmann, J., Dahmen, E., and Hülsing, A. (2011). XMSS - A practical forward secure signature scheme based on minimal security assumptions. In International Workshop on Post-Quantum Cryptography, pages 117–129. Springer.

de Lucena, A. U. and Henriques, M. A. A. (2018). Estudo preliminar da adoção de assinaturas baseadas em hash no blockchain do bitcoin. In Anais Principais do XVIII Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais, pages 65–72, Porto Alegre, RS, Brasil. SBC.

Ding, J. and Schmidt, D. (2005). Rainbow, a new multivariable polynomial signature scheme. In International Conference on Applied Cryptography and Network Security, pages 164–175. Springer.

Fernández-Caramès, T. M. and Fraga-Lamas, P. (2020). Towards post-quantum blockchain: A review on blockchain cryptography resistant to quantum computing attacks. IEEE Access, 8:21091–21116.

GEMSS (2020). GeMSS NIST Call Specification. Accessed: Jul. 12, 2020. [Online]. Available: https://www-polsys.lip6.fr/Links/NIST/GeMSS_specification.pdf.

Gidney, C. and Ekera, M. (2019). How to factor 2048 bit rsa integers in 8 hours using 20 million noisy qubits. arXiv preprint arXiv:1905.09749.

Grover, L. K. (1996). A fast quantum mechanical algorithm for database search. In Proceedings of the twenty-eighth annual ACM symposium on Theory of computing, pages 212–219.

Hülsing, A. (2013). W-ots+–shorter signatures for hash-based signature schemes. In International Conference on Cryptology in Africa, pages 173–188. Springer. IOTA (2020). IOTA. Accessed: Jul. 10, 2020. [Online]. Available: https://www.docs.iota.org.

Lamport, L. (1979). Constructing digital signatures from a one-way function. Technical report, Technical Report CSL-98, SRI International.

LUOV (2020). LUOV Official GitHub Repository. Accessed: Jul. 12, 2020. [Online]. Available: https://github.com/WardBeullens/LUOV.

Merkle, R. C. (1979). Secrecy, authentication, and public key systems. Stanford University.

Nakamoto, S. (2009). Bitcoin: A peer-to-peer electronic cash system. Accessed: Nov. 2, 2020. [Online]. Available: https://bitcoin.org/bitcoin.pdf.

Nam, Y. and Maslov, D. (2019). Low-cost quantum circuits for classically intractable instances of the hamiltonian dynamics simulation problem. npj Quantum Information, 5(1):1–8.

NIST (2020a). NIST Post-Quantum Cryptography Standardization. Accessed: Jul. 12, 2020. [Online]. Available: https://csrc.nist.gov/projects/post-quantum-cryptography.

NIST (2020b). PQC Standardization Process: Third Round Candidate Announcement. Accessed: Aug. 5, 2020. [Online]. Available: https://csrc.nist.gov/News/2020/pqc-third-round-candidate-announcement.

PICNIC (2020). PICNIC. Accessed: Jul. 12, 2020. [Online]. Available: https://microsoft.github.io/Picnic/.

Proos, J. and Zalka, C. (2003). Shor’s discrete logarithm quantum algorithm for elliptic curves. Quantum Information & Computation, 3(4):317–344.

QRL (2020). QRL - The Quantum Resistant Ledger. Accessed: Jul. 12, 2020. [Online]. Available: https://theqrl.org/.

Reyzin, L. and Reyzin, N. (2002). Better than biba: Short one-time signatures with fast signing and verifying. In Australasian Conference on Information Security and Privacy, pages 144–153. Springer.

Shor, P. W. (1994). Proceedings of the 35th annual symposium on foundations of computer science. IEE Computer society press, Santa Fe, NM.

SPHINCS+ script (2020). SPHINCS+ parameter exploration SAGE script. Accessed: Jul. 17, 2020. [Online]. Available: https://sphincs.org/data/spx_parameter_exploration.sage.
Publicado
2020-10-13
Como Citar
LUCENA, Antônio Unias de; HENRIQUES, Marco Aurélio Amaral. A study on fitting SPHINCS+ to blockchain usage. Anais do Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg), [S.l.], p. 83-96, out. 2020. ISSN 0000-0000. Disponível em: <https://sol.sbc.org.br/index.php/sbseg/article/view/19229>. Acesso em: 18 maio 2024. doi: https://doi.org/10.5753/sbseg.2020.19229.

##plugins.generic.recommendByAuthor.heading##

1 2 > >>