Quantum computers may well become a reality during the next decades. Current common digital signature schemes (RSA, DSA and ECDSA) are not quantum-resistant. Hash-based signatures are a quantum-safe alternative.

Initiated in 2014, the goal of the German 3-year research project Quantencomputer-resistente Signaturverfahren für die Praxis aka squareUP is to foster the practical use of hash-based signatures, a category of post-quantum digital signatures. The existing theoretical foundations of hash-based signatures will be completed by:

• An investigation and possible solutions for concrete issues, such as the handling of statefulness (key indexes must be tracked) and PKI integration;
• An implementation of hash-based signatures in an industrial software update system;
• Proof-of-concept integration in common security protocols such as TLS, SSH and S/MIME;
• Integration in open-source cryptographic libraries;
• Parameter recommendations for different application use cases;
• An analysis of side-channel resistance.

The project members, genua and TU Darmstadt, are presented here; see also the contact information. An introduction to post-quantum cryptography and hash-based signatures is available. Details about the project steps can be found here.

---

Funding for this project is granted by the Bavarian Ministry of Economic Affairs and Media, Energy and Technology (StMWi) and by the German Research Foundation (DFG).