open-quantum-safe / oqs-provider

OpenSSL 3 provider containing post-quantum algorithms
https://openquantumsafe.org
MIT License

Supporting Stateful Signatures #331

Open ashman-p opened 5 months ago

ashman-p commented 5 months ago

Thank you for taking the time to share your thoughts with us.

There is ongoing work to integrate Stateful Hash-based Signatures in liboqs. This note is to propose adding support for the same in oqsprovider.

Functionality:
- Key generation
- Signature generation
- Signature verification
- Various schemes for XMSS and LMS.

A summary of the proposed work includes expanding the union OQSX_QS_CTX to include the OQS_SIG_STFL struct:

    typedef union {
        OQS_SIG *sig;
        OQS_KEM *kem;
        OQS_SIG_STFL *stfl_sig;
    } OQSX_QS_CTX;

And the enum oqsx_key_type_en.

    struct oqsx_provider_ctx_st {
    enum oqsx_key_type_en {
        KEY_TYPE_KEM,
        KEY_TYPE_ECP_HYB_KEM,
        KEY_TYPE_ECX_HYB_KEM,
        KEY_TYPE_HYB_SIG,
        KEY_TYPE_STFL_SIG
    };

New functions will be added to specifically manage the state of keys generated as well as when they are used to create signatures. Please let me know your thoughts on the approach.

baentsch commented 5 months ago

This approach sounds reasonable & promising. I would recommend you combine it with a consideration as to how to generate all (SHS algorithms') code stubs from within the generate.yml file.

baentsch commented 5 months ago

Additional proposal in light of https://github.com/open-quantum-safe/liboqs/pull/1676#pullrequestreview-1838520356: Would it be possible to create a variant of stateful sigs (without keygen&signing capabilities) that would use just OQS_SIG struct (and thus would not require extension of OQSX_QS_CTX as per the above)?

baentsch commented 3 weeks ago

After https://github.com/open-quantum-safe/liboqs/pull/1650 landed, the time seems to have come to give this integration a try - given https://github.com/open-quantum-safe/liboqs/pull/1650#issuecomment-1893957110 of course only without keygen and sign. Anyone interested?
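The thread touches two points: the functions that manage key state when signing, and a variant without keygen and signing. This added example, which is not code from the thread, liboqs or oqs-provider, sketches a guard serving both. All type and function names are hypothetical, and an in-memory struct stands in for durable storage.

```c
#include <stddef.h>
#include <stdint.h>

/* All names below are hypothetical stand-ins, not liboqs or oqs-provider API. */
enum stfl_mode { STFL_FULL, STFL_VERIFY_ONLY };
typedef int (*persist_fn)(uint64_t next_index, void *store);

struct stfl_key {
    enum stfl_mode mode;
    uint64_t next_index; /* next unused one-time-signature index */
    uint64_t max_index;  /* number of signatures the key allows */
    persist_fn persist;  /* writes the advanced counter to durable storage */
    void *store;
};

/* Reserve one index for signing: 0 and *out set on success, -1 on refusal. */
int stfl_reserve_index(struct stfl_key *k, uint64_t *out)
{
    if (k == NULL || out == NULL || k->persist == NULL) return -1;
    if (k->mode != STFL_FULL) return -1;          /* verify-only key */
    if (k->next_index >= k->max_index) return -1; /* key exhausted */
    /* Persist first: a crash may waste an index but never reissues one. */
    if (k->persist(k->next_index + 1, k->store) != 0) return -1;
    *out = k->next_index++;
    return 0;
}

/* Constructed in-memory store standing in for durable storage. */
struct mem_store { uint64_t saved; int fail; };

static int mem_persist(uint64_t next_index, void *store)
{
    struct mem_store *s = store;
    if (s->fail) return -1;
    s->saved = next_index;
    return 0;
}

/* Try `attempts` reservations; return how many succeeded in sequence. */
int demo_reserve(enum stfl_mode mode, uint64_t max, int fail, int attempts)
{
    struct mem_store st = { 0, fail };
    struct stfl_key k = { mode, 0, max, mem_persist, &st };
    uint64_t idx;
    int ok = 0;
    for (int i = 0; i < attempts; i++)
        if (stfl_reserve_index(&k, &idx) == 0 && idx == (uint64_t)ok) ok++;
    return ok;
}
```

With a key that allows 3 signatures, 5 attempts yield exactly 3 reservations; a failing store or a verify-only key yields none.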