[Cscwg-public] Hash based signatures
Tomas Gustavsson
tomas.gustavsson at primekey.com
Tue Nov 5 00:50:10 MST 2019
Hi,
Since we talked about PQC for code signing during today's session, it
might be useful to share some links to exchange info around
standardization. (I know several of the participating organizations here are
working a lot on PQC, of course, in different departments.)
The NIST standardization on hash based signatures:
https://www.nist.gov/news-events/news/2019/02/request-public-comments-stateful-hash-based-signatures-hbs
During a discussion with a person from NIST, he told me that they are
considering recommending to only use it with an HSM, or generally
speaking with a device that can ensure no private key re-use (as these
algorithms are stateful).
There is standardization in IETF:
XKMS: https://tools.ietf.org/html/rfc8391
Some OIDs specified in this draft:
https://tools.ietf.org/html/draft-vangeest-x509-hash-sigs-03
Some usage in CMS signatures, used in code signing sometimes:
https://tools.ietf.org/html/draft-housley-cms-mts-hash-sig-10
The BouncyCastle open source API (Java) has implemented full support for
XMSS and XMSS^MT in the latest release.
Does anyone have other useful resources?
Cheers,
Tomas
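
The statefulness concern raised in the message, as an added example that is not part of the original post and is not BouncyCastle or NIST code: a signer for XMSS or a similar scheme has to advance and durably store its leaf index before each signature, so that a crash or restart can never hand out the same one-time key twice. The class and function names, the state file name and the `flaky_sign` stand-in are hypothetical; a single signer process is assumed.

```python
import json, os, tempfile

class IndexExhausted(Exception):
    """All one-time leaves of the key have been handed out."""

class OtsIndexReserver:
    """Hands out each one-time-signature leaf index at most once, across restarts.
    Assumes one signer process and a state file that is never restored or cloned."""

    def __init__(self, state_path, total_leaves):
        self.state_path, self.total_leaves = state_path, total_leaves
        if not os.path.exists(state_path):
            self._persist(0)

    def _persist(self, next_index):
        # Temp file + fsync + atomic rename: a crash leaves either the old or
        # the new counter on disk, never a torn one.
        fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(self.state_path)))
        with os.fdopen(fd, "w") as f:
            json.dump({"next_index": next_index}, f)
            f.flush()
            os.fsync(f.fileno())
        os.replace(tmp, self.state_path)

    def reserve(self):
        with open(self.state_path) as f:
            idx = json.load(f)["next_index"]
        if idx >= self.total_leaves:
            raise IndexExhausted(f"all {self.total_leaves} leaves used")
        self._persist(idx + 1)  # advance durably BEFORE the index is used to sign
        return idx

def demo():
    """Constructed scenario: five signing attempts, one of which crashes."""
    used = []
    def flaky_sign(idx, msg):  # stand-in for a real stateful signing call
        used.append(idx)
        if idx == 1:
            raise RuntimeError("simulated crash during signing")
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "xmss.state")
        for _ in range(5):
            r = OtsIndexReserver(path, total_leaves=4)  # fresh instance = restart
            try:
                flaky_sign(r.reserve(), b"artifact")
            except RuntimeError:
                pass  # leaf 1 is burned by the crash and never handed out again
            except IndexExhausted:
                used.append("exhausted")
    return used
```

A file-based counter like this cannot detect the state file being restored from backup or copied with a VM image, which is the gap a device that enforces the counter itself is meant to close.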