K-XMSS and K-SPHINCS+: Enhancing Security in Next-Generation Mobile Communication and Internet Systems with Hash Based Signatures Using Korean Cryptography Algorithms

Abstract

As Mobile Communication and Internet Systems (MCIS) have rapidly developed, security issues related to MCIS have become increasingly important. Therefore, the development and research of security technologies for mobile communication and internet systems are actively being conducted. Hash-Based Signature (HBS) uses a hash function to construct a digital signature scheme, where its security is guaranteed by the collision resistance of the hash function used. To provide sufficient security in the post-quantum environment, the length of hash should be satisfied for the security requirement. Modern HBS can be classified into stateful and stateless schemes. Two representative stateful and stateless HBS are eXtended Merkle Signature Scheme(XMSS) and SPHINCS (Formula presented.), respectively. In this paper, we propose two HBS schemes: K-XMSS and K-SPHINCS (Formula presented.), which replace internal hash functions of XMSS and SPHINCS (Formula presented.) with Korean cryptography algorithms. K-XMSS is a stateful signature, while K-SPHINCS (Formula presented.) is its stateless counterpart. We showcase the reference implementation of K-XMSS and K-SPHINCS (Formula presented.) employing Lightweight Secure Hash (LSH) and two hash functions based on block ciphers (i.e., CHAM and LEA) as the internal hash function. In addition, K-XMSS and K-SPHINCS (Formula presented.) using Advanced Vector Extensions 2 (AVX2) have been provided, demonstrating that they can be optimized for better performance using advanced implementation techniques than previous approaches.