The Lamport signature scheme, for example, doesn't rely on the difficulty of any problem and it only depends on the existence of one-way functions.
Is there an alternative scheme which also doesn't rely on the difficulty of factoring/discrete logarithm, but provides shorter signatures?
Asked
Active
Viewed 198 times
6
MaiaVictor
- 1,365
- 8
- 16
2 Answers
4
There are actually quite a few of these. Interest has been raised on this topic mainly due to the "post-quantum" security of such schemes. Also, Lamport is only a one-time signature, and we want a full-blown signature schemes.
For just one example see, SPHINCS: https://sphincs.cr.yp.to/sphincs-20150202.pdf.
Yehuda Lindell
- 28,270
- 1
- 69
- 86
3
As @YehudaLindell says, since Shor's Quantum Factoring Algorithm kills factoring and discrete log based cryptosystems, almost everything in the "Post-Quantum" crypto world will meet your requirement.
SPHINCS is similar to the Lamport scheme in that it only relies on hash functions.
There's also the realm of lattice-based cryptosystems such as NTRU. Also systems based on isogenies on supersingular elliptic curves produce small signatures.
Links to overview reports on various post-quantum crypto primitives:
Mike Ounsworth
- 3,717
- 1
- 20
- 29