NIST Requesting Comments on Two Quantum Resistant Digital Signature Algorithms


We had previously reported on NISTs selection program to standardize cryptography algorithms that are resistant to breaking by a quantum computer. Among the Round 2 proposals were nine algorithms intended for use in general digital signature applications. In the meantime, the Internet Engineering Task Force (IETF) has been working on standardization of a couple of more limited digital signature algorithms, called LMS and XMSS, that use a technique called the stateful hash based signature method. These algorithms are less flexible because they require the application to maintain state by keeping track of the one-time private keys that have been used to generate signatures, in order to prevent their reuse. NIST intends to approve these stateful-hash based signature standards only for use in a limited range of signature applications, such as code signing, where most implementations will be able to securely deal with the requirement to keep state and is looking for public comments before they take action. For more details, you can view NIST’s Request for Public Comment here. The deadline for comments is April 1, 2019.