[Resource Topic] 2021/041: Post-Quantum LMS and SPHINCS+ Hash-Based Signatures for UEFI Secure Boot

Welcome to the resource topic for 2021/041

Title:
Post-Quantum LMS and SPHINCS+ Hash-Based Signatures for UEFI Secure Boot

Authors: Panos Kampanakis, Peter Panburana, Michael Curcio, Chirag Shroff, Md Mahbub Alam

Abstract:

The potential development of large-scale quantum computers is raising concerns among IT and security research professionals due to their ability to solve (elliptic curve) discrete logarithm and integer factorization problems in polynomial time. This would jeopardize IT security as we know it. In this work, we investigate two quantum-safe, hash-based signature schemes published by the Internet Engineering Task Force and submitted to the National Institute of Standards and Technology for use in secure boot. We evaluate various parameter sets for the use-case in question and we prove that post-quantum signatures with less than one second signing and less than 10ms verification would not have material impact (less than1‰) on secure boot. We evaluate the hierarchical design of these signatures in hardware-based and virtual secure boot. In addition, we develop Hardware Description Language code and show that the code footprint is just a few kilobytes in size which would fit easily in almost all modern FPGAs. We also analyze and evaluate potential challenges for integration in existing technologies and we discuss considerations for vendors embarking on a journey of image signing with hash-based signatures.

ePrint: https://eprint.iacr.org/2021/041

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .