Package de.hda.fbi.ucs.eucrite.parameters

Class XMSSMTParameters

java.lang.Object
de.hda.fbi.ucs.eucrite.parameters.XMSSMTParameters
All Implemented Interfaces:
AlgorithmParameters
public class XMSSMTParameters
extends Object
implements AlgorithmParameters
The parameters required for the XMSSMT signature scheme. XMSSMT is a stateful signature scheme where the private key needs to be updated after every signature. Multiple usage of the same state will render the scheme insecure. Therefore, the private key should never be copied to prevent multiple usage of a single state.

Another quantum-safe and hash-based, but stateless, signature scheme is SPHINCS.

A XMSSMT private key is a Merkle tree with given height with a one time signature key at every leaf. The number of possible signatures is 2^height. Increasing the height will increase the number of possible signature, but also the size of the private key and the signatures. The tree is divided into subtrees given by the number of layers. The parameters height and layers must be chosen in a way that the reminder of height/layers is zero. The one time signature keys use a treeDigest for signing. The available values for treeDigest are defined as static values in this class, e.g. XMSSMTParameters.SHA512.

Author:
Alexander Zeier

  • Field Details

  • Constructor Details

    • XMSSMTParameters

      public XMSSMTParameters​(int height, int layers, String treeDigest)
      Creates a new XMSSParameters object with the given height, layers and treeDigest. XMSSMT is a stateful signature scheme where the private key needs to be updated after every signature. Multiple usage of the same state will render the scheme insecure. Therefore, the private key should never be copied to prevent multiple usage of a single state.

      Use XMSSMTforFastSigning() to get recommended values for the parameters.

      Parameters:
      height - The height of the Merkle tree. A higher height results in more doable signatures, but also in a larger private key and signature.
      layers - The number of layers. Must divide the height without reminder.
      treeDigest - The hash algorithm used for signing.

  • Method Details

    • getType

      public AlgorithmParameters.Type getType()
      Description copied from interface: AlgorithmParameters
      Return the type of the cryptographic scheme.
      Specified by:
      getType in interface AlgorithmParameters
      Returns:
      The type of the cryptographic scheme.

    • XMSSMTforFastSigning

      public static XMSSMTParameters XMSSMTforFastSigning()
      Use XMSSMT to prioritize signing speed over signature size. For this, a height of 20 and 4 layers are used together with SHA256 as tree digest.

      If signing speed is more important, you should use XMSSParameters.XMSSforSmallSignatures() instead.

      Returns:
      An XMSSMTParameters object with predefined values.

    • getTreeDigest

      public String getTreeDigest()
      Returns the treeDigest.
      Returns:
      The hash algorithm used for signing.

    • getHeight

      public int getHeight()
      Returns the height.
      Returns:
      The height of the Merkle tree.

    • getLayers

      public int getLayers()
      Return the number of layers
      Returns:
      The number of layers of Merkle trees.