WOTS-S: A Quantum Secure Compact Signature Scheme for Distributed Ledger
Abstract and Figures
The digital signature scheme that underpins most existing distributed ledgers is generally based on algorithms that are not resilient to quantum attacks (e.g. the elliptic curve digital signature algorithm). This highlights the need for quantum-secure signature schemes in future distributed ledgers (and other products). Therefore, in this paper, we propose a novel quantum-secure digital signature scheme designed specifically for cryptocurrencies. Our proposed scheme is a hash-based signature scheme, which is a variant of the Winternitz one-time signature scheme. A comparison of the proposed scheme with two other competing quantum-secure cryptocurrencies (IOTA and QRL) reveals that our scheme achieves a reduction of 59% and 24% in signature length without compromising the level of security. A salient feature of the proposed approach is that, unlike previously proposed variants of the Winternitz scheme, we avoid the need for any expensive computation. In addition, we formally model the classical cryptocurrency and the proposed quantum-secure cryptocurrency using high-level Petri nets, which allows the implementer to understand their workings in the presence of a quantum attacker. Furthermore, we also provide a formal security proof in the random oracle model.
Figures - uploaded by Abid Khan
... Given these vulnerabilities, the need for quantum-resistant cryptographic solutions has become paramount. Researchers are actively developing post-quantum cryptographic (PQC) algorithms that rely on mathematical problems resistant to quantum attacks [41]. Lattice-based cryptography, multivariate polynomial cryptography, hash-based signatures, and code-based cryptographic methods are among the leading candidates being evaluated for their suitability in blockchain and cloud applications [42]. ...
... Additionally, end-to-end encrypted cloud communications can benefit from PQC integration. Secure messaging and encrypted email services currently use RSA-based key exchanges, which are vulnerable to quantum decryption techniques [41]. Implementing lattice-based encryption for secure cloud communication protocols such as TLS ensures that encrypted transmissions remain resilient against future quantum threats [42]. ...
... For cloud environments, PQC enhances data confidentiality and secure authentication. The adoption of quantum-resistant key exchange mechanisms such as FrodoKEM strengthens cloud communication channels, preventing man-in-the-middle attacks and unauthorized access [41]. Additionally, hybrid encryption models, where AES-256 is combined with PQC key exchange protocols, ensure data protection against both classical and quantum adversaries [42]. ...
The advent of quantum computing poses an existential threat to contemporary cryptographic standards, particularly those securing decentralized blockchain networks and cloud infrastructures. Classical public-key cryptosystems such as RSA, ECC, and DH, which rely on factorization and discrete logarithm problems, are rendered obsolete by Shor's algorithm, necessitating the transition toward post-quantum cryptographic (PQC) solutions. This study explores the integration of PQC algorithms, including lattice-based, hash-based, code-based, multivariate, and isogeny-based cryptographic mechanisms, within blockchain-ledger technologies and cloud architectures to ensure long-term security against quantum adversaries. A comparative analysis is conducted to evaluate computational efficiency, key size implications, communication overhead, and security resilience under quantum attack models. The research highlights the adaptation of PQC within blockchain consensus mechanisms, smart contract execution, and cryptographic primitives such as digital signatures, zero-knowledge proofs, and secure multi-party computation (MPC). Additionally, it examines the impact of PQC on cloud security, addressing challenges in quantum-safe key exchange protocols, homomorphic encryption for secure computations, and cross-platform interoperability within hybrid quantum-classical cloud ecosystems. Real-world implementations and benchmarking data provide insights into the feasibility of large-scale adoption, shedding light on standardization efforts by NIST and industry consortia. The study concludes with future directions, emphasizing the need for efficient PQC algorithm optimization, lightweight cryptographic frameworks for IoT-driven blockchain applications, and scalable post-quantum identity management systems. By establishing quantum-resistant security frameworks, this research underscores the imperative need for early adoption to mitigate cryptographic vulnerabilities in the impending post-quantum era.
... It is worth noting that when using the Winternitz signature, the public key is significantly shorter. In the article [13], a new post-quantum digital signature scheme designed for cryptocurrencies is proposed. This scheme is based on a hash-based signature scheme that is a variant of the Winternitz one-time signature. ...
... Hash function security levels [13,25]. ...
The distinguishing feature of hash-based algorithms is their high confidence in security. When designing electronic signature schemes, proofs of security reduction to certain properties of cryptographic hash functions are used. This means that if the scheme is compromised, then one of these properties will be violated. It is important to note that the properties of cryptographic hash functions have been studied for many years, but if a specific hash function used in a protocol turns out to be insecure, it can simply be replaced with another one while keeping the overall construction unchanged. This article describes a new post-quantum signature algorithm, Syrga-1, based on a hash function. This algorithm is designed to sign r messages with a single secret key. One of the key primitives of the signature algorithm is a cryptographic hash function. The proposed algorithm uses the HAS01 hashing algorithm developed by researchers from the Information Security Laboratory of the Institute of Information and Computational Technologies. The security and efficiency of the specified hash algorithm have been demonstrated in other articles by its authors. Hash-based signature schemes are attractive as post-quantum signature schemes because their security can be quantified, and their security has been proven.
... Shahid et al. [22] introduced WOTS-S, a hash-based One-Time Signature scheme tailored for post-quantum cryptographic currencies. Although it offers a secure alternative to ECDSA in a post-quantum world, its large signature sizes are impractical for distributed ledgers in IoT scenarios. ...
This study aims to improve execution time, CPU utilization, network efficiency, and scalability while upholding robust security measures. The IOTA-DLT-based RA-WRW algorithm is developed in Python and considers node resources and transaction weights for optimal tip selection, with verification procedures confirming tip authenticity and transaction validity. The algorithm significantly improves IOTA network transaction processing efficiency; the selected tips exhibit high authenticity and consistency, affirming the algorithm's effectiveness. The research presents the innovative IOTA-DLT RA-WRW algorithm, which integrates Resource Allocation (RA) and Weighted Random Walk strategies. This novel approach tackles challenges like lazy tip selection, network congestion, and double spending. Comparative analyses of the performance parameters and the tip selection process against existing methods confirm the superior performance of the model, with high accuracy, f-measure, recall, precision, and scalability in distributed ledger transactions, significantly enhancing the IOTA network's transaction processing capabilities.
... To further shorten the signature size, a new hash-based signature called WOTS-S was proposed [117], a variant of the W-OTS scheme. The signature sizes of WOTS-S are 59% and 24% shorter than the IOTA and QRL schemes, respectively. ...
Blockchains have gained substantial attention from academia and industry for their ability to facilitate decentralized trust and communications. However, the rapid progress of quantum computing poses a significant threat to the security of existing blockchain technologies. Notably, the emergence of Shor's and Grover's algorithms raises concerns regarding the compromise of the cryptographic systems underlying blockchains. Consequently, it is essential to develop methods that reinforce blockchain technology against quantum attacks. In response to this challenge, two distinct approaches have been proposed. The first approach involves post-quantum blockchains, which aim to utilize classical cryptographic algorithms resilient to quantum attacks. The second approach explores quantum blockchains, which leverage the power of quantum computers and networks to rebuild the foundations of blockchains. This paper aims to provide a comprehensive overview and comparison of post-quantum and quantum blockchains while exploring open questions and remaining challenges in these domains. It offers an in-depth introduction, examines differences in blockchain structure, security, privacy, and other key factors, and concludes by discussing current research trends.
... One of the well-known one-time signature schemes (OTS), used in many modern post-quantum signatures, is the Winternitz OTS (WOTS) scheme [14]. In the construction of a signature in the WOTS scheme, a sequence of secret keys = , , … , / is first generated using a random number generator (RNG). ...
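The snippet above and the paper's abstract both build on the Winternitz one-time signature. The following is an added example, not code from the WOTS-S paper or from the citing work: a minimal textbook WOTS over SHA-256 (secret chain starts derived from a seed, public key as the chain ends, message digits plus checksum, signing by partial hashing, verification by completing the chains). The seed and message are constructed sample values; the WOTS-S modifications that shorten the signature are not described on this page and are not reproduced here. The `chain_count` helper goes slightly beyond the snippet by computing how many hash chains (and hence how many signature bytes) other Winternitz parameters need.

```python
# Added example: textbook Winternitz one-time signature (WOTS) over SHA-256.
# Not the WOTS-S scheme itself; it illustrates the key generation, signing and
# verification steps that the surrounding text sketches.
import hashlib


def chain_count(n_bytes: int, w: int) -> int:
    """Number of hash chains for digest length n_bytes and Winternitz parameter w.

    len1 digits carry the message digest, len2 digits carry the checksum.
    Signature size in bytes is chain_count * n_bytes, so larger w means a
    shorter signature at the cost of longer hash chains.
    """
    log_w = w.bit_length() - 1                     # w is assumed a power of two
    len1 = (8 * n_bytes + log_w - 1) // log_w
    max_csum = len1 * (w - 1)
    len2 = (max_csum.bit_length() - 1) // log_w + 1
    return len1 + len2


N = 32                                  # SHA-256 digest length (n)
W = 16                                  # each digit is 4 bits
LOG_W = W.bit_length() - 1
LEN1 = (8 * N + LOG_W - 1) // LOG_W     # 64 message digits
LEN2 = chain_count(N, W) - LEN1         # 3 checksum digits
LEN = LEN1 + LEN2                       # 67 chains


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def chain(x: bytes, steps: int) -> bytes:
    """Apply H to x 'steps' times (steps may be 0)."""
    for _ in range(steps):
        x = H(x)
    return x


def int_to_digits(value: int, out_len: int) -> list[int]:
    """Big-endian base-W digits of an integer, fixed width."""
    return [(value >> (LOG_W * (out_len - 1 - i))) & (W - 1) for i in range(out_len)]


def message_digits(msg: bytes) -> list[int]:
    """Digest digits followed by checksum digits.

    The checksum sum(W-1-d) grows whenever any digest digit shrinks, so an
    attacker who can only hash forward along a chain cannot lower one digit
    without having to lower a checksum digit as well.
    """
    digits = int_to_digits(int.from_bytes(H(msg), "big"), LEN1)
    csum = sum(W - 1 - d for d in digits)
    return digits + int_to_digits(csum, LEN2)


def keygen(seed: bytes) -> tuple[list[bytes], list[bytes]]:
    """Derive LEN secret chain starts from a seed; public key is the chain ends."""
    sk = [H(seed + i.to_bytes(2, "big")) for i in range(LEN)]
    pk = [chain(s, W - 1) for s in sk]
    return sk, pk


def sign(sk: list[bytes], msg: bytes) -> list[bytes]:
    """Release each chain advanced by its digit value. One-time only: signing a
    second message with the same key exposes further chain values."""
    return [chain(sk[i], d) for i, d in enumerate(message_digits(msg))]


def verify(pk: list[bytes], msg: bytes, sig: list[bytes]) -> bool:
    """Complete every chain to W-1 steps and compare with the public key."""
    if len(sig) != LEN or any(len(s) != N for s in sig):
        return False
    digits = message_digits(msg)
    return all(chain(sig[i], W - 1 - digits[i]) == pk[i] for i in range(LEN))


def signature_bytes() -> int:
    return LEN * N


if __name__ == "__main__":
    sk, pk = keygen(b"constructed-demo-seed")       # constructed sample seed
    msg = b"constructed sample transaction"
    sig = sign(sk, msg)
    print("chains:", LEN, "signature bytes:", signature_bytes())
    print("valid:", verify(pk, msg, sig))
    print("tampered valid:", verify(pk, msg + b"!", sig))
```

With W = 16 the signature is 67 hashes of 32 bytes (2144 bytes); `chain_count` shows the trade-off the page's "compact" framing is about: W = 4 needs 133 chains and W = 256 only 34, but each chain is then 255 hashes long. A key pair must sign exactly one message, which is why ledger designs combine such schemes with Merkle trees or state handling.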
This paper proposes a new post-quantum signature scheme, Syrga2, based on hash functions. As known, existing post-quantum algorithms are classified based on their structures. The proposed Syrga2 scheme belongs to the class of multi-use signatures with state retention. A distinctive feature of state-retaining signatures is achieving a compromise between performance and signature size. This scheme enables the creation of a secure signature for r messages using a single pair of secret and public keys. The strength of signature algorithms based on hash functions depends on the properties of the hash function used in their structure. Additionally, for such algorithms, it is possible to specify the security level precisely. In the proposed scheme, the HBC-256 algorithm developed at the Institute of Information and Computational Technologies (IICT) is used as the hash function. The security of the HBC-256 algorithm has been thoroughly studied in other works by the authors. In contrast to the Syrga1 scheme presented in previous works by the authors, the Syrga2 scheme provides for the definition of different security levels determined by the parameter τ. This paper experimentally demonstrates the impossibility of breaking the proposed scheme using a chosen-plaintext attack. Additionally, the scheme’s performance is evaluated for signature creation, signing, and message verification.
... entangled quantum states, including but not limited to Bell states, W states, GHZ states, and Dicke states, has been the subject of rigorous exploration. These states are pivotal quantum resources, facilitating a myriad of tasks such as quantum key agreement (QKA) [1], quantum secure direct communication (QSDC) [2], quantum secret sharing (QSS) [3][4][5], quantum secure multiparty computation (QSMC) [6-9], quantum signature (QS) [10,11] and others [12][13][14]. These applications underscore the versatility and critical importance of quantum entanglement in the domain of quantum information science. ...
Private set computation (PSC) represents a pivotal technology in the information age, facilitating the processing of sensitive datasets while safeguarding privacy. In this paper, we propose a secure quantum protocol theoretically to achieve private set computation, utilizing the quantum entanglement correlations of Greenberger-Horne-Zeilinger (GHZ) states, and applicable to computations such as Private Set Intersection Cardinality (PSI-CA) and Private Set Union Cardinality (PSU-CA). This protocol incorporates an identity verification mechanism, ensuring that only authenticated users can engage in the computation process. It is designed to specifically cater to the computational requirements of PSI-CA or PSU-CA applications, while maintaining the privacy of each element within the data sets. Our approach utilizes tripartite GHZ states alongside single qubit preparations, which are notably straightforward to generate. Furthermore, the quantum operations required from users are confined to MX or MY measurements, thereby enhancing the protocol’s practical feasibility. The proposed protocol is secure and can resist attacks from both internal and external attackers, such as user impersonation attacks, user collusion attacks, etc. To substantiate the practical applicability, we employ an example of two private data sets for experimental verification on the IBM quantum computing platform. This work further illustrates the advantages of the GHZ state in private set computing and explores the quantum benefits of entanglement in such computations.
The development of a Merkle post-quantum signature scheme based on a modified Lamport one-time signature algorithm is presented. The Merkle signature algorithm and the Lamport one-time signature algorithm are described. There is also a review of the current literature on the subject of the Merkle signature algorithm. A modified algorithm for Lamport's one-time electronic digital signature is described. The algorithms for key generation, signature generation, and verification of a previously generated signature are described in detail. The paper presents a software implementation of an electronic digital signature system with a graphical interface based on the developed algorithm, which allows key generation, signature generation and verification. A flowchart is provided for each of the main modules of the program, and the graphical interface of the developed software for each module is also demonstrated. The results of testing the modified algorithm are presented and its performance is compared with the standard algorithm. The test results confirm that using the modified algorithm allows faster verification of messages, while the speed of key generation and signature does not increase in comparison with the standard algorithm. The modified algorithm speeds up verification regardless of the message length. The results of the performed research are a modified Lamport one-time signature algorithm, which provides a higher signature verification rate compared to the classical algorithm, and a software tool with a graphical interface for generating and verifying a post-quantum electronic digital signature.
This work is to present a new approach – the Resource Allocation Weighted Random Walk (RA-WRW) algorithm, based on IOTA-Distributed Ledger Technology (DLT), for the optimization of transaction processing within the IOTA network. The objectives of improved execution time, better CPU usage, enhanced network efficiency, and better scalability are met in accordance with stringent security measures. The Python-based algorithm considers node resources and transaction weights for the selection of the best tips. The authentication operation of the sender with private keys ensures the integrity of the data, while verification procedures confirm the authenticity of the tips and the validity of transactions. Implementation of this algorithm greatly improves the efficiency of IOTA network transaction processing. The experiment is run on a commonly used dataset available in Kaggle and some system-specific configurations, which depicts a significant improvement in execution time, CPU usage, network efficiency, and scalability. The tips selected are very authentic and consistent, thus proving the efficacy of this algorithm. It proposes a new RA-WRW algorithm based on IOTA-DLT, efficiently fusing resource allocation with weighted random walk strategies for improving the security, efficiency, and scalability in distributed ledger transactions. This has been a colossal development toward the betterment of processing transactions across the IOTA network and feels the pulse of such a newer approach in applications across the real world.
This chapter presents the beginnings of homomorphic encryption, definitions, and types. Also, an entire section is focused on fully homomorphic encryption, the most interesting and promising type of homomorphic encryption. Further, the chapter presents recent advancements in homomorphic encryption, discussing the advantages, disadvantages, performance, and security requirements, and presents case studies and practical applications in different domains (for example, Internet-of-Things, Machine Learning, Artificial Intelligence, etc.). Lastly, the chapter presents the challenges and research directions for homomorphic encryption.
This paper presents how a Smart Grid system is secured and how a blockchain implementation provides confidentiality and integrity for such a system. One main issue that has to be addressed in smart grid systems is database security. Blockchain has been proven to be a safe alternative for use in mining systems because it can be applied securely to databases. Another important feature is that each hash in a crypto mining system cannot be changed if such an algorithm underlies its construction, thus resulting in a secure and reliable system. This paper aims to show how blockchain can affect and be used in a smart power management system, starting from the SealedGRID platform. This system enables the user to monitor in real time the power usage in a smart grid system, and the platform is therefore built with security and resilience against attacks in mind.
Distributed Ledger Technologies (DLTs) and blockchain systems have received enormous academic, government, and commercial interest in recent years. This article surveys the integration of DLTs within another life-changing technology, the Internet of Things (IoT). IoT-based applications, such as smart home, smart transport, supply chain, smart healthcare, and smart energy, promise to boost the efficiency of existing infrastructures and change every facet of our daily life. This article looks into the challenges faced by such applications and reviews a comprehensive selection of existing DLT solutions to those challenges. We also identify issues for future research, including DLT security and scalability, multi-DLT applications, and survival of DLT in the post-quantum world.
Cloud-assisted Industrial Internet of Things (IIoT) relies on cloud computing to provide massive data storage services. To ensure confidentiality, sensitive industrial data need to be encrypted before being outsourced to the cloud storage server. Public-key encryption with keyword search (PEKS) enables users to search target encrypted data by keywords. However, most existing PEKS schemes are based on conventional hardness assumptions, which are vulnerable to adversaries equipped with quantum computers in the near future. Moreover, they suffer from key exposure, and thus the security would be broken once the keys are compromised. In this paper, we propose a forward secure PEKS scheme (FS-PEKS) based on lattice assumptions for cloud-assisted IIoT, which is post-quantum secure. We integrate a lattice-based delegation mechanism into FS-PEKS to achieve forward security, such that the security of the system is still guaranteed even if the keys are compromised by the adversaries. We define the first formal security model for the forward security of PEKS, and prove the security of FS-PEKS under the model. As the keywords of industrial data have inherently low entropy, we further extend FS-PEKS to resist insider keyword guessing attacks (IKGA). The comprehensive performance evaluation demonstrates that FS-PEKS is practical for cloud-assisted IIoT.
The decentralized digital currency Bitcoin is an anonymous alternative to the centralized banking system and enjoys widespread and increasing adoption. Since Bitcoin was created, many other electronic currencies have been developed. We propose a protocol for an electronic currency for making anonymous payments that can be supervised by an auditor, who has sole access to the transaction history. Other electronic currencies provide only anonymity, which is convenient for making illegal transactions without regulation. For users, miners, and banks, the transactions of our electronic currency are anonymous, and only auditors can see how it is used. We make use of the proof-of-work (PoW) technique that allows for distributed decision-making within a network, namely the Bitcoin blockchain protocol. We combine the PoW and blockchain technology of Bitcoin to give better protection against double-spending attacks.
A decentralized online quantum cash system, called qBitcoin, is given. We design the system so that it has the great benefits of quantization in the following sense. Firstly, quantum teleportation technology is used for coin transactions, which prevents the owner of the coin from keeping the original coin data even after sending the coin to another party. This was a main problem in a classical circuit, and a blockchain was introduced to solve this issue. In qBitcoin, the double-spending problem never happens, and its security is guaranteed theoretically by virtue of quantum information theory. Making a block is time consuming, and the system of qBitcoin is based on a quantum chain instead of blocks. Therefore, a payment can be completed much faster than in Bitcoin. Moreover, we employ a quantum digital signature so that it naturally inherits the properties of the peer-to-peer (P2P) cash system originally proposed in Bitcoin.
Blockchain technology has arisen as a promising protocol to replace centralized and less efficient systems. In fact, for the first time, it is possible to achieve decentralized consensus without the need for trusted authorities, resulting in more efficient processes and saving both money and time.