Leighton-Micali Hash-Based Signatures
RFC 8554, “Leighton-Micali Hash-Based Signatures”, is an Informational document published in April 2019 by D. McGrew, M. Curcio, and S. Fluhrer. The canonical text is published by the RFC Editor.
Abstract
This note describes a digital-signature system based on cryptographic hash functions, following the seminal work in this area of Lamport, Diffie, Winternitz, and Merkle, as adapted by Leighton and Micali in 1995. It specifies a one-time signature scheme and a general signature scheme. These systems provide asymmetric authentication without using large integer mathematics and can achieve a high security level. They are suitable for compact implementations, are relatively simple to implement, and are naturally resistant to side-channel attacks. Unlike many other signature systems, hash-based signatures would still be secure even if it proves feasible for an attacker to build a quantum computer.
This document is a product of the Crypto Forum Research Group (CFRG) in the IRTF. This has been reviewed by many researchers, both in the research group and outside of it. The Acknowledgements section lists many of them.
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
The canonical text of RFC 8554 is hosted at rfc-editor.org. Available in TXT and HTML.