georgwiese/hash-based-signatures

Hash-based signatures

A Rust implementation of hash-based signatures. See my Medium post for a longer description!

Disclaimer: This repository is a toy project to play around with Rust and cryptographic primitives. It implements some ideas of Chapter 14 of "A Graduate Course in Applied Cryptography" by Dan Boneh and Victor Shoup.

Hash-based signatures, unlike signature schemes based on RSA or ECC, do not rely on number-theoretic assumptions that are known to be broken by quantum computers.

Stateless many-time signature schemes can be built in a three-step process:

  1. A one-time signature scheme can be built purely from hash functions.
  2. From there, we build an indexed signature scheme. Using a Merkle tree, the otherwise very large public key can be reduced to a single hash (at the expense of a larger signature).
  3. Finally, Merkle signatures build a tree of indexed signature schemes.
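
Steps 1 and 2 as an added Python sketch (not code from this repository, which is written in Rust; Python is used so the hash comes from the standard library). Lamport's scheme stands in as the one-time scheme, which is an assumption because the page does not name one; SHA-256, the prefix bytes and all function names are likewise choices made for this example.

```python
import hashlib, secrets

def H(*parts):  # SHA-256 over the concatenated parts
    return hashlib.sha256(b"".join(parts)).digest()

def bits(msg):  # the 256 digest bits of the message, most significant first
    d = int.from_bytes(H(msg), "big")
    return [(d >> (255 - i)) & 1 for i in range(256)]

# Step 1: one-time signature (Lamport, chosen here for illustration).
def ots_keygen():
    sk = [[secrets.token_bytes(32) for _ in range(2)] for _ in range(256)]
    return sk, [[H(x) for x in pair] for pair in sk]

def ots_sign(sk, msg):  # reveal one secret preimage per digest bit
    return [sk[i][b] for i, b in enumerate(bits(msg))]

def ots_verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits(msg))))

def leaf(pk):  # 0x00 / 0x01 prefixes keep leaf and inner-node hashes distinct
    return H(b"\x00", *[h for pair in pk for h in pair])

# Step 2: indexed scheme over q one-time keys; public key = Merkle root.
def keygen(q=4):  # q must be a power of two
    keys = [ots_keygen() for _ in range(q)]
    levels = [[leaf(pk) for _, pk in keys]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([H(b"\x01", cur[j], cur[j + 1]) for j in range(0, len(cur), 2)])
    return (keys, levels), levels[-1][0]

def sign(private, index, msg):  # each index may sign ONE message only
    keys, levels = private
    sk, pk = keys[index]
    path = [lvl[(index >> d) ^ 1] for d, lvl in enumerate(levels[:-1])]
    return index, ots_sign(sk, msg), pk, path

def verify(root, msg, signature):
    index, sig, pk, path = signature
    node = leaf(pk)
    for d, sibling in enumerate(path):  # recompute the root from leaf + siblings
        pair = (sibling, node) if (index >> d) & 1 else (node, sibling)
        node = H(b"\x01", *pair)
    return node == root and ots_verify(pk, msg, sig)
```

The signature carries the full one-time public key plus the authentication path, which is the size cost mentioned in step 2. Step 3 is not shown.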

Command line tool

Install Rust and run:

$ cargo install hash-based-signatures

This gives you a command-line tool that lets you generate keys, sign files, and validate signatures.

To get started with signature verification, check out the example!

To sign files, first generate a key pair:

$ cargo run -- key-gen

This will create a .private_key.json in your working directory and print the corresponding public key. Keep the .private_key.json file private!

To sign a file, make sure that you have a .private_key.json in your working directory and run:

$ cargo run -- sign example/readme.md

Web app

Last but not least, signatures can also be verified using a web app, based on a WebAssembly compilation of the code:

https://georgwiese.github.io/hash-based-signatures/

About

Toy implementations of hash-based signatures
