Hash Your Keys Before Signing
| dc.contributor.author | Aulbach, Thomas | |
| dc.contributor.author | Düzlü, Samed | |
| dc.contributor.author | Meyer, Michael | |
| dc.contributor.author | Struck, Patrick | |
| dc.contributor.author | Weishäupl, Maximiliane | |
| dc.date.accessioned | 2024-11-27T10:35:19Z | |
| dc.date.available | 2024-11-27T10:35:19Z | |
| dc.date.issued | 2024 | |
| dc.description.abstract | In this work, we analyze the so-called Beyond UnForgeability Features (BUFF) security of the submissions to the current standardization process of additional signatures by NIST. The BUFF notions formalize security against maliciously generated keys and have various real-world use cases, where security can be guaranteed despite misuse potential on a protocol level. Consequently, NIST declared the security against the BUFF notions as desirable features. Despite NIST’s interest, only 6 out of 40 schemes consider BUFF security at all, but none give a detailed analysis. We close this gap by analyzing the schemes based on codes, isogenies, lattices, and multivariate equations. The results vary from schemes that achieve neither notion (e.g., Wave) to schemes that achieve all notions (e.g., Prov). In particular, we dispute certain claims by Squirrels and Vox regarding their BUFF security. Resulting from our analysis, we observe that three schemes (Cross, Hawk and Prov) achieve BUFF security without having the hash of public key and message as part of the signature, as BUFF transformed schemes would have. Hawk and Prov essentially use the lighter PS-3 transform by Pornin and Stern (ACNS’05). We further point out whether this transform suffices for the other schemes to achieve the BUFF notions, with both positive and negative results. | |
| dc.description.version | published | deu |
| dc.identifier.doi | 10.1007/978-3-031-62746-0_13 | |
| dc.identifier.uri | https://kops.uni-konstanz.de/handle/123456789/71469 | |
| dc.language.iso | eng | |
| dc.subject | Signature Schemes | |
| dc.subject | BUFF | |
| dc.subject | Additional Security | |
| dc.subject | Properties | |
| dc.subject.ddc | 004 | |
| dc.title | Hash Your Keys Before Signing | eng |
| dc.type | INPROCEEDINGS | |
| dspace.entity.type | Publication | |
| kops.citation.bibtex | @inproceedings{Aulbach2024Befor-71469,
year={2024},
doi={10.1007/978-3-031-62746-0_13},
title={Hash Your Keys Before Signing},
number={14772},
isbn={978-3-031-62745-3},
publisher={Springer Nature Switzerland},
address={Cham},
series={Lecture Notes in Computer Science (LNCS)},
booktitle={Post-Quantum Cryptography : 15th International Workshop, PQCrypto 2024, Oxford, UK, June 12–14, 2024, Proceedings, Part II},
pages={301--335},
editor={Saarinen, Markku-Juhani and Smith-Tone, Daniel},
author={Aulbach, Thomas and Düzlü, Samed and Meyer, Michael and Struck, Patrick and Weishäupl, Maximiliane}
} | |
| kops.citation.iso690 | AULBACH, Thomas, Samed DÜZLÜ, Michael MEYER, Patrick STRUCK, Maximiliane WEISHÄUPL, 2024. Hash Your Keys Before Signing. PQCrypto 2024 : 15th International Conference on Post-Quantum Cryptography. Oxford, UK, 12. Juni 2024 - 14. Juni 2024. In: SAARINEN, Markku-Juhani, Hrsg., Daniel SMITH-TONE, Hrsg.. Post-Quantum Cryptography : 15th International Workshop, PQCrypto 2024, Oxford, UK, June 12–14, 2024, Proceedings, Part II. Cham: Springer Nature Switzerland, 2024, S. 301-335. Lecture Notes in Computer Science (LNCS). 14772. ISBN 978-3-031-62745-3. Verfügbar unter: doi: 10.1007/978-3-031-62746-0_13 | deu |
| kops.citation.iso690 | AULBACH, Thomas, Samed DÜZLÜ, Michael MEYER, Patrick STRUCK, Maximiliane WEISHÄUPL, 2024. Hash Your Keys Before Signing. PQCrypto 2024 : 15th International Conference on Post-Quantum Cryptography. Oxford, UK, Jun 12, 2024 - Jun 14, 2024. In: SAARINEN, Markku-Juhani, ed., Daniel SMITH-TONE, ed.. Post-Quantum Cryptography : 15th International Workshop, PQCrypto 2024, Oxford, UK, June 12–14, 2024, Proceedings, Part II. Cham: Springer Nature Switzerland, 2024, pp. 301-335. Lecture Notes in Computer Science (LNCS). 14772. ISBN 978-3-031-62745-3. Available under: doi: 10.1007/978-3-031-62746-0_13 | eng |
| kops.citation.rdf | <rdf:RDF
xmlns:dcterms="http://purl.org/dc/terms/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:bibo="http://purl.org/ontology/bibo/"
xmlns:dspace="http://digital-repositories.org/ontologies/dspace/0.1.0#"
xmlns:foaf="http://xmlns.com/foaf/0.1/"
xmlns:void="http://rdfs.org/ns/void#"
xmlns:xsd="http://www.w3.org/2001/XMLSchema#" >
<rdf:Description rdf:about="https://kops.uni-konstanz.de/server/rdf/resource/123456789/71469">
<dc:creator>Aulbach, Thomas</dc:creator>
<dcterms:title>Hash Your Keys Before Signing</dcterms:title>
<dc:contributor>Struck, Patrick</dc:contributor>
<dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/>
<dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/>
<dc:contributor>Weishäupl, Maximiliane</dc:contributor>
<dc:contributor>Aulbach, Thomas</dc:contributor>
<dc:creator>Meyer, Michael</dc:creator>
<dcterms:available rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2024-11-27T10:35:19Z</dcterms:available>
<dc:creator>Weishäupl, Maximiliane</dc:creator>
<dc:language>eng</dc:language>
<dc:date rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2024-11-27T10:35:19Z</dc:date>
<dc:creator>Düzlü, Samed</dc:creator>
<dc:contributor>Düzlü, Samed</dc:contributor>
<dc:creator>Struck, Patrick</dc:creator>
<foaf:homepage rdf:resource="http://localhost:8080/"/>
<dc:contributor>Meyer, Michael</dc:contributor>
<bibo:uri rdf:resource="https://kops.uni-konstanz.de/handle/123456789/71469"/>
<void:sparqlEndpoint rdf:resource="http://localhost/fuseki/dspace/sparql"/>
<dcterms:issued>2024</dcterms:issued>
<dcterms:abstract>In this work, we analyze the so-called Beyond UnForgeability Features (BUFF) security of the submissions to the current standardization process of additional signatures by NIST. The BUFF notions formalize security against maliciously generated keys and have various real-world use cases, where security can be guaranteed despite misuse potential on a protocol level. Consequently, NIST declared the security against the BUFF notions as desirable features. Despite NIST’s interest, only 6 out of 40 schemes consider BUFF security at all, but none give a detailed analysis. We close this gap by analyzing the schemes based on codes, isogenies, lattices, and multivariate equations. The results vary from schemes that achieve neither notion (e.g., Wave) to schemes that achieve all notions (e.g., Prov). In particular, we dispute certain claims by Squirrels and Vox regarding their BUFF security. Resulting from our analysis, we observe that three schemes (Cross, Hawk and Prov) achieve BUFF security without having the hash of public key and message as part of the signature, as BUFF transformed schemes would have. Hawk and Prov essentially use the lighter PS-3 transform by Pornin and Stern (ACNS’05). We further point out whether this transform suffices for the other schemes to achieve the BUFF notions, with both positive and negative results.</dcterms:abstract>
</rdf:Description>
</rdf:RDF> | |
| kops.conferencefield | PQCrypto 2024 : 15th International Conference on Post-Quantum Cryptography, 12. Juni 2024 - 14. Juni 2024, Oxford, UK | deu |
| kops.date.conferenceEnd | 2024-06-14 | |
| kops.date.conferenceStart | 2024-06-12 | |
| kops.description.funding | {"first":"dfg","second":"505500359"} | |
| kops.description.funding | {"first":"dfg","second":"236615297"} | |
| kops.description.funding | {"first":"brd","second":"16KISK033"} | |
| kops.description.funding | {"first":"brd","second":"16KISQ111"} | |
| kops.flag.knbibliography | true | |
| kops.location.conference | Oxford, UK | |
| kops.sourcefield | SAARINEN, Markku-Juhani, Hrsg., Daniel SMITH-TONE, Hrsg.. <i>Post-Quantum Cryptography : 15th International Workshop, PQCrypto 2024, Oxford, UK, June 12–14, 2024, Proceedings, Part II</i>. Cham: Springer Nature Switzerland, 2024, S. 301-335. Lecture Notes in Computer Science (LNCS). 14772. ISBN 978-3-031-62745-3. Verfügbar unter: doi: 10.1007/978-3-031-62746-0_13 | deu |
| kops.sourcefield.plain | SAARINEN, Markku-Juhani, Hrsg., Daniel SMITH-TONE, Hrsg.. Post-Quantum Cryptography : 15th International Workshop, PQCrypto 2024, Oxford, UK, June 12–14, 2024, Proceedings, Part II. Cham: Springer Nature Switzerland, 2024, S. 301-335. Lecture Notes in Computer Science (LNCS). 14772. ISBN 978-3-031-62745-3. Verfügbar unter: doi: 10.1007/978-3-031-62746-0_13 | deu |
| kops.sourcefield.plain | SAARINEN, Markku-Juhani, ed., Daniel SMITH-TONE, ed.. Post-Quantum Cryptography : 15th International Workshop, PQCrypto 2024, Oxford, UK, June 12–14, 2024, Proceedings, Part II. Cham: Springer Nature Switzerland, 2024, pp. 301-335. Lecture Notes in Computer Science (LNCS). 14772. ISBN 978-3-031-62745-3. Available under: doi: 10.1007/978-3-031-62746-0_13 | eng |
| kops.title.conference | PQCrypto 2024 : 15th International Conference on Post-Quantum Cryptography | |
| relation.isAuthorOfPublication | 56d3cbd4-d902-478d-aba1-2d3d478b8ea8 | |
| relation.isAuthorOfPublication.latestForDiscovery | 56d3cbd4-d902-478d-aba1-2d3d478b8ea8 | |
| source.bibliographicInfo.fromPage | 301 | |
| source.bibliographicInfo.seriesNumber | 14772 | |
| source.bibliographicInfo.toPage | 335 | |
| source.contributor.editor | Saarinen, Markku-Juhani | |
| source.contributor.editor | Smith-Tone, Daniel | |
| source.identifier.isbn | 978-3-031-62745-3 | |
| source.publisher | Springer Nature Switzerland | |
| source.publisher.location | Cham | |
| source.relation.ispartofseries | Lecture Notes in Computer Science (LNCS) | |
| source.title | Post-Quantum Cryptography : 15th International Workshop, PQCrypto 2024, Oxford, UK, June 12–14, 2024, Proceedings, Part II |