Recovering the Tight Security Proof of SPHINCS+

Research output: Chapter in Book/Report/Conference proceedings, Conference contribution, Academic, peer-reviewed

8 Citations (Scopus)

Abstract

In 2020, Kudinov, Kiktenko, and Fedorov pointed out a flaw in the tight security proof of the SPHINCS+ construction. This work gives a new tight security proof for SPHINCS+. The flaw can be traced back to the security proof for the Winternitz one-time signature scheme (WOTS) used within SPHINCS+. In this work, we give a stand-alone description of the WOTS variant used in SPHINCS+ that we call WOTS-TW. We provide a security proof for WOTS-TW and multi-instance WOTS-TW against non-adaptive chosen message attacks where the adversary only learns the public key after it made its signature query. Afterwards, we show that this is sufficient to give a tight security proof for SPHINCS+. We recover almost the same bound for the security of SPHINCS+, with only a factor w loss compared to the previously claimed bound, where w is the Winternitz parameter that is commonly set to 16. On a more technical level, we introduce new lower bounds on the quantum query complexity for generic attacks against properties of cryptographic hash functions and analyse the constructions of tweakable hash functions used in SPHINCS+ with regard to further security properties.
Original language: English
Title: Advances in Cryptology – ASIACRYPT 2022
Subtitle: 28th International Conference on the Theory and Application of Cryptology and Information Security, Taipei, Taiwan, December 5–9, 2022, Proceedings, Part IV
Editors: Shweta Agrawal, Dongdai Lin
Place of publication: Cham
Publisher: Springer Nature
Chapter: 1
Pages: 3-33
Number of pages: 31
Electronic ISBN: 978-3-031-22972-5
Print ISBN: 978-3-031-22971-8
DOIs:
Status: Published - Jan 2023
Event: 28th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2022 - Taipei, Taiwan
Duration: 5 Dec 2022 to 9 Dec 2022

Publication series

Name: Lecture Notes in Computer Science (LNCS)
Publisher: Springer
Volume: 13794
Print ISSN: 0302-9743
Electronic ISSN: 1611-3349

Conference

Conference: 28th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2022
Country/Region: Taiwan
City: Taipei
Period: 5/12/22 to 9/12/22

Funding

This work was funded by an NWO VIDI grant (Project No. VI.Vidi.193.066). Part of this work was done while M.K. was still affiliated with the Russian Quantum Center, QApp. Date: November 19, 2022.

Funder: Nederlandse Organisatie voor Wetenschappelijk Onderzoek
Funder number: VI.Vidi.193.066
