Class XMSSParameters
java.lang.Object
de.hda.fbi.ucs.eucrite.parameters.XMSSParameters
- All Implemented Interfaces:
AlgorithmParameters
public class XMSSParameters extends Object implements AlgorithmParameters
The parameters required for the XMSS signature scheme. XMSS is a stateful
signature scheme where the private key needs to be updated after every
signature. Multiple usage of the same state will render the scheme insecure.
Therefore, the private key should never be copied to prevent
multiple usage of a single state.
Another quantum-safe and hash-based, but stateless, signature scheme is SPHINCS.
A XMSS private key is a Merkle tree with given height with a one time
signature key at every leaf. The number of possible signatures is 2^height.
Increasing the height will increase the number of possible signature, but also the size of
the private key and the signatures.
The one time signature keys use a
treeDigest for signing. The available values for treeDigest
are defined as static values in this class, e.g.
XMSSParameters.SHA512.
- Author:
- Alexander Zeier
-
Nested Class Summary
Nested classes/interfaces inherited from interface de.hda.fbi.ucs.eucrite.parameters.AlgorithmParameters
AlgorithmParameters.Algorithm, AlgorithmParameters.Template, AlgorithmParameters.Type -
Field Summary
Fields Modifier and Type Field Description static StringSHA256Use SHA-256 for the tree generation function.static StringSHA512Use SHA512 for the tree generation function.static StringSHAKE128Use SHAKE128 for the tree generation function.static StringSHAKE256Use SHAKE256 for the tree generation function. -
Constructor Summary
Constructors Constructor Description XMSSParameters(int height, String treeDigest)Creates a newXMSSParametersobject with the givenheightand treeDigest. -
Method Summary
Modifier and Type Method Description intgetHeight()Returns theheightof the Merkle tree.StringgetTreeDigest()Returns thetreeDigest.AlgorithmParameters.TypegetType()Return the type of the cryptographic scheme.static XMSSParametersXMSSforSmallSignatures()Use XMSS to prioritize signature size over signing speed.
-
Field Details
-
SHA256
Use SHA-256 for the tree generation function.- See Also:
- Constant Field Values
-
SHA512
Use SHA512 for the tree generation function.- See Also:
- Constant Field Values
-
SHAKE128
Use SHAKE128 for the tree generation function.- See Also:
- Constant Field Values
-
SHAKE256
Use SHAKE256 for the tree generation function.- See Also:
- Constant Field Values
-
-
Constructor Details
-
XMSSParameters
Creates a newXMSSParametersobject with the givenheightand treeDigest. XMSS is a stateful signature scheme where the private key needs to be updated after every signature. Multiple usage of the same state will render the scheme insecure. Therefore, the private key should never be copied to prevent multiple usage of a single state.Use
XMSSforSmallSignatures()to get recommended values for the parameters.- Parameters:
height- The height of the Merkle tree. A higher height results in more doable signatures, but also in a larger private key and signature.treeDigest- The hash algorithm used for signing.
-
-
Method Details
-
getType
Description copied from interface:AlgorithmParametersReturn the type of the cryptographic scheme.- Specified by:
getTypein interfaceAlgorithmParameters- Returns:
- The type of the cryptographic scheme.
-
XMSSforSmallSignatures
Use XMSS to prioritize signature size over signing speed. For this, a height of 20 is used together with SHA256 as tree digest.If signing speed is more important, you should use
XMSSMTParameters.XMSSMTforFastSigning()instead.- Returns:
- An
XMSSParametersobject with predefined values.
-
getTreeDigest
Returns thetreeDigest.- Returns:
- The hash algorithm used for signing.
-
getHeight
public int getHeight()Returns theheightof the Merkle tree.- Returns:
- The height of the Merkle tree.
-