IETF Logo Mail Archive

[Suit] Notes on your usage of HSS-LMS

"Scott Fluhrer (sfluhrer)" <sfluhrer@cisco.com> Tue, 09 November 2021 22:06 UTC

Return-Path: <sfluhrer@cisco.com>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 920273A11B6 for <suit@ietfa.amsl.com>; Tue, 9 Nov 2021 14:06:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.598
X-Spam-Level:
X-Spam-Status: No, score=-9.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=aHCzl0oW; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=UK/gu32j
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g-n9mUqgCOVa for <suit@ietfa.amsl.com>; Tue, 9 Nov 2021 14:06:15 -0800 (PST)
Received: from rcdn-iport-1.cisco.com (rcdn-iport-1.cisco.com [173.37.86.72]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A3E213A08F6 for <suit@ietf.org>; Tue, 9 Nov 2021 14:06:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=9341; q=dns/txt; s=iport; t=1636495575; x=1637705175; h=from:to:subject:date:message-id:mime-version; bh=m8n2sIZpgEGDwBKiDYoywJsPXK3I7F0YdJDcqjKUlIc=; b=aHCzl0oWVf+NS8+3nNIsPaomIAv4iCnIxbHaGhHsPE8hRRcfVI1OBVsV LDcKZw1ozR2TgabfMNizV+koAKW4PfwleLbR4i2qvsPK8NATyRroXunvC GTQa8OJBLHAyjJJPxMv8Ai7sy/km267SW/eqPCtm34JQIrD9Pq5POyO1x o=;
IronPort-PHdr: =?us-ascii?q?A9a23=3Azf6J9hNKhoguf/yWacsl6ncfWUAX0o4cdiYU5?= =?us-ascii?q?4YpzbVUfffr85fjORnZ4vNgxB/MUJ7A4v1Jw+zRr+j7WGMG7JrA1RJKcJFFW?= =?us-ascii?q?xIfz8lDmQsmDZ2EBFH1avnwYH9yEMFLTlQw+Xa9PABcE9r/YFuHpHq04HYSF?= =?us-ascii?q?xzzOBAzKP7yH9vZjt+80Ka5/JiACzg=3D?=
IronPort-Data: =?us-ascii?q?A9a23=3AWw7S6aIWlFI6MJu7FE+RzJclxSXFcZb7ZxGr2?= =?us-ascii?q?PjKsXjdYENS0WQBy2EeWTjUPP/bZGb0e950a4i3oUICupDTydRhTlQd+CA2R?= =?us-ascii?q?RqmiyZq6fd1j6vI0qj7wvTrFCqL1O1DLImfRCwIZiWE/E70a+Cw9SIUOZygH?= =?us-ascii?q?9IQNsaVYkideic8IMsRoUoLd98R2uaEs/Dga+++kYuaT/nkBbOQ82Uc3lT4R?= =?us-ascii?q?E60gEgHUPza4Fv0t7GlDBxBlAe2e3I9VPrzKUwtRkYUTLW4HsbiLwrC5Kuy8?= =?us-ascii?q?mWc9BA3B5b8yPDwc1YBRfjZOg3mZnh+Avf5xEMd4H1plP9nZJLwam8P49mNt?= =?us-ascii?q?8t/zMhNr5GqYQwoJabL3u8aVnG0FgkvYPUfo+WXeSPXXcu7iheun2HX6+5zD?= =?us-ascii?q?V0ePIAE9KBwG24myBCyAFjhdTiZjO6whbm8UOQp355lJ8jwN4RZsXZlpQw1x?= =?us-ascii?q?M0OGfjrK5gmL/cBtNvouv1zIA=3D=3D?=
IronPort-HdrOrdr: =?us-ascii?q?A9a23=3A7mIFkaGCXXAXDR8gpLqFUZHXdLJyesId70?= =?us-ascii?q?hD6qkvc31om52j+fxGws516fatskdqZJhSo6H8BEDgewKQyXcR2+ks1NiZLX?= =?us-ascii?q?HbUQeTXeRfBOjZsnHd8k/Fh5VgPM5bGsAUYrCdfDsK7/oSizPIdOrIteP3iZ?= =?us-ascii?q?xA8t2uqUuFIzsaD51I3kNcMEK2A0d2TA5JCd4SD5yH/PdKoDKmZDA+ctm7Lm?= =?us-ascii?q?NtZZmNm/T70LbdJTIWDR8u7weDyRmy7qThLhSe1hACFxtS3LYZ93TfmQCR3N?= =?us-ascii?q?Tsjxj78G6c64bg1eUUpDLT8KoAOCVKsLlRFtzYsHfpWG2mYczHgNl6mpDp1L?= =?us-ascii?q?9gqqixn/5pBbUN15qWRBDynfMosDOQiArHLBTZuAalaDLY0LLEbSN/BMxbiY?= =?us-ascii?q?1DdBzFr0ImodFnyapOm3mUrpxNEHr77WzADvXzJmdXf3CP0DMfeC8o/g5ieJ?= =?us-ascii?q?pbbKUUoZ0U/UtTHptFFCXm6Jo/GO0rCM3H/v5ZfV6Tcnic5wBUsZaRd2V2Gg?= =?us-ascii?q?3DTlkJu8ST3TQTlHdlz1EAzMhamnsb7poyR5RN+uyBOKV1k7NFSNMQcMtGda?= =?us-ascii?q?w8aNryDnaITQPHMWqUL1iiHKYbO2jVo5qy+7kx7PHCQu1+8HLzouW0bLp1jx?= =?us-ascii?q?9DR6veM7z64HQQyGG9fIyUZ0Wf9v1j?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0B2CAAD8Iph/5RdJa1agQmBWYEhMVE?= =?us-ascii?q?Hd1IINzGIDgOFOYVsgiWVe4UKgS6BJQNUCwEBAQ0BAUEEAQGFAgKCVwIlNAk?= =?us-ascii?q?OAQIEAQEBEgEBBQEBAQIBBgSBEROFaA2GWxsTAQE4EQGBACYBBBsaglCBflc?= =?us-ascii?q?DLwGgXQGBOgKKH3iBM4EBgggBAQYEBIUKGII1CYE6gwuEGIctHIFJRIFYgje?= =?us-ascii?q?FCyqDTYIujz5oIhmBHVpNnwGNV5EMgSQKgzgFnxYVpyiWEKYDAgQCBAUCDgE?= =?us-ascii?q?BBoFhOyuBLnAVgyRRGQ+OBiYWg1CKXnQ4AgYLAQEDCY4wgkUBAQ?=
X-IronPort-AV: E=Sophos;i="5.87,221,1631577600"; d="scan'208,217";a="950132803"
Received: from rcdn-core-12.cisco.com ([173.37.93.148]) by rcdn-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 09 Nov 2021 22:06:12 +0000
Received: from mail.cisco.com (xbe-rcd-007.cisco.com [173.37.102.22]) by rcdn-core-12.cisco.com (8.15.2/8.15.2) with ESMTPS id 1A9M6CJM006397 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=OK) for <suit@ietf.org>; Tue, 9 Nov 2021 22:06:12 GMT
Received: from xfe-rtp-005.cisco.com (64.101.210.235) by xbe-rcd-007.cisco.com (173.37.102.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.15; Tue, 9 Nov 2021 16:06:12 -0600
Received: from xfe-aln-001.cisco.com (173.37.135.121) by xfe-rtp-005.cisco.com (64.101.210.235) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.15; Tue, 9 Nov 2021 17:06:10 -0500
Received: from NAM11-CO1-obe.outbound.protection.outlook.com (173.37.151.57) by xfe-aln-001.cisco.com (173.37.135.121) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.15 via Frontend Transport; Tue, 9 Nov 2021 16:06:10 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=KuM4GlZc24DbW/PV8204czpCqfW91D7y/fXXvv3ZEz1KojUusp9OVwYgHqnGMDMC8n8oaSd//LEHmrl4DIvZ8N7bDdDOqd2hNxzRvJfZQL436rOqmYHGCBRRm3skb9Ifa3+YafQCyY70v8jemkcFWzzew7coH0VH2NgUowdGvz2HBwSZaQyZ6B8BoCPqHnC1lYxMnt1w9l07HoN71iWRnCgnySfjFmq2wbQyvXLTHbB3AMjDFSZzYrPlSFoBfYhQlO8GdwBn6pqVYKuQI00p4Om4NPFEdR/hSOMT2dUwf/Da/ksAvuKOMDHRu3anpo480UVkCd5EwEDNQmzEMb06IQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=7qOosKSBw7TloUKPnSOKwXf6XXlI9ugYwdfaPWFxvWo=; b=YeSdR5Dtj+sn9/E+MiSXsdRvMk1lob2gOREIx5TDWOvqKdjJeC/4JHA3EiJ3cPhaGUd2Vrisqi0VptS+PjQnRUNO/4Ncc9qjW0X3uNUlXGegz/qs5TVFZTCYJT1socqQFAgVlp2SelbMLYHEC5GiUjtHbrSYPEebnK9TPAe+TZBoQER+pfPXNwNDmJ22LTu9W2e/cdOO42RnZZUqzlxAumuuxHWptdnatTQDHAm12taxtBSNJXLI+Y/cKjvkeVC7URkJsCdT9JEDLAMkJ9/KaBKNZfcQrdHC5QoPL+nNmbMcEHNV2I+pUpykTkJfUGtEGfXEadADFGg+tuh8JCEWuA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7qOosKSBw7TloUKPnSOKwXf6XXlI9ugYwdfaPWFxvWo=; b=UK/gu32jLa+I1TwB/8aqJDePVlnUL2v+VjdM7fSFaSWr/f/J9ZMVgO+Aj4TFUtI5MT4CtOVACMYpLOemhLCA+I2CcJ1DwyY0qnCQ+wgyYDkzULzMZ+Is8FD3WsxAg66zYC7g8/wy+IHAef3rIlmP8IaRnxHIZ7J+7oTMf+4V540=
Received: from BL3PR11MB5682.namprd11.prod.outlook.com (2603:10b6:208:33d::18) by MN2PR11MB4206.namprd11.prod.outlook.com (2603:10b6:208:188::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4669.16; Tue, 9 Nov 2021 22:06:09 +0000
Received: from BL3PR11MB5682.namprd11.prod.outlook.com ([fe80::7967:f6c7:1632:1549]) by BL3PR11MB5682.namprd11.prod.outlook.com ([fe80::7967:f6c7:1632:1549%7]) with mapi id 15.20.4649.020; Tue, 9 Nov 2021 22:06:09 +0000
From: "Scott Fluhrer (sfluhrer)" <sfluhrer@cisco.com>
To: suit <suit@ietf.org>
Thread-Topic: Notes on your usage of HSS-LMS
Thread-Index: AdfVsldDXrQRcAMoQ+KXtfnT4Dh+nw==
Date: Tue, 9 Nov 2021 22:06:08 +0000
Message-ID: <BL3PR11MB56826CB10DB7EAD8A920B1D9C1929@BL3PR11MB5682.namprd11.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=cisco.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: ad5cf8df-04e0-4c9d-e6de-08d9a3cd2270
x-ms-traffictypediagnostic: MN2PR11MB4206:
x-microsoft-antispam-prvs: <MN2PR11MB4206E187FADC752CBE9B9926C1929@MN2PR11MB4206.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Zb4WofVtk3KMP/lRGuxZ6lT0+oYNsLagtYUnv1pcRNncp8pkAAEePQWSMV4saAIo5FBPr3IrRwYCwOxxkBf9NChEdZGZynUH5WvqkJ6wiMU2C8fzP/bEbj7DR3sEJK+G6cUwqQZM3r9HUnMoW+iGQ1lAse9IJ1EcDJg3L3kukMP0ix4YIdOXC8+JAqf5Q5HAmorX5ffoqOvIzU8eyLdgnCAlPiwUdJ1zHFYwl03dixIk5612c8HMjL/sLtR98sklUbQEjM7TpnQWEsyJbJZHIKeqdjPRuL2deXI2+VsbCCqBvA2cvWJD2UCoBq3UvOi/GpSIXnOwBCmrZzzLNYvptI8+iwPxV/ZlFNRqA0CJ03hDQ6amOQcHNRINn6sRUX3VwOkeKdcBPkPj+n9Y+lnlAO/zHbFzdEa68PSF9WLh1MvaN2wEgYfwUeIJY81cwNP99E11xDm390C9I6fFI7Lx1H+l8CIY/gKV2ZWXcKPrL1b0tYi+v6SgaaoQCAPyfaCYbC3Gkdq8NtQKdTVO2D2ZErUZc/QhbryuKdnZKePXXDton9VfRPaUKj5wAa5TzPQDN2BuuZvBqKVz8VI1yXMq6bReuK9c/W7e3M7Ln10MmLbyv4KCW2xZDzXoCM7YCB7j7lY+Rtw8VUjpbJwyfCdiefEf5SS71UARdbywF3xjG7V6S9VgEDsb3iUONN6O64HpR5gB82SmjqL1jEoxkFmcxg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BL3PR11MB5682.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(366004)(66556008)(7696005)(66946007)(64756008)(122000001)(76116006)(66446008)(9686003)(33656002)(2906002)(8936002)(55016002)(71200400001)(66476007)(6916009)(9326002)(8676002)(508600001)(5660300002)(26005)(316002)(38100700002)(186003)(86362001)(6506007)(52536014)(38070700005)(83380400001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?0KMm98ZGhvj5b6ZsuEtjnYxo/sl6GRNtK/0oP9Q7gWZrCYWVHMf3Y7YdhzWd?= =?us-ascii?Q?zMDvqET0D8R2ko3cNsKDYnOroYtZ6P1qy4OWLbuA8AFu4wG4r51MUFPXdqe/?= =?us-ascii?Q?qh/raxH7lA0QbDq3M2FUM3kZU/JHxGu2cwbQLM6tD52u5pR53dtOX8w3PWcT?= =?us-ascii?Q?Oh+3QmjXM4/w+vlYdb1Q6rwtw4D2ZJhIzldp+G7CM6S3vwT/QJCgJwDdaZBQ?= =?us-ascii?Q?VGXs6BjEHefDSa1fqEabcHKTYbDlaE4WHOUHVs4OuCKpflZPSJfDWPE6m0eP?= =?us-ascii?Q?scWTMEBtMvZOrJewDbl57lOQpV0pcjOz1FGAaKAp/1BkzzvX5AEtwP3CZxQn?= =?us-ascii?Q?5qHkHWcPGGQoPNmREvUAtwJva2/92eNjn2yrJn5+ArunrK9ABl9XCy1vAanu?= =?us-ascii?Q?3DnAtClEQb7KLPgWwBZtFsFpgC2cNFDMunns5x6ajvuUktGAKbaaUX9A48Ti?= =?us-ascii?Q?XqoRn4YoJpcuqShKcWGCts9LvT9Nl3QTYnPn3xe6lcVHAY1SUxili+dJjHtd?= =?us-ascii?Q?uZd8LY8xw3BQO1KSXDSXDQUPVv16/HqHfLj4wOskHtgu6z1PsQDIXWF1fLjq?= =?us-ascii?Q?mF/p6s77YYALl0SyHZZWTJ/Ns1cL+EEtZTX/rvsA1LhAoMUVvxmo1ddMBRkf?= =?us-ascii?Q?M1gk/B6G5+bj84fhEqX5K4pWsp+fRLYw8EMS8aZkvxVsInTYNAs3RcfeuKCw?= =?us-ascii?Q?ZSoJ8x5tga5+eqvme8b4guMIEDzJE4sGTzUWlL2CmGUYE88J6kMeVEIj4L0V?= =?us-ascii?Q?aGscZlyH0TIxKqqiKvNdza17Dl2wso31Jru7FIe5zZjBkDMVYbernMz/iJrL?= =?us-ascii?Q?DqAfj1svStXmWTBc58HtWtznQYLwcsH0r9tDtGAS1UPSDb3cJol/C0pwhP1g?= =?us-ascii?Q?h9sI4uBK190n7ZF/UZ+vtl3VNzrKcU3qz7V0ezWBQRUO+ye3pv8PnohlExQL?= =?us-ascii?Q?F+AI2/Dz6lkdiDFxGQZf7amZKQjGDiskxEhlOat0MuR+PK9VWlgG+h0nK8EF?= =?us-ascii?Q?FXhlv/KeBbX8fxX1b/KJVeMbsBzu24LsyiA29Ur38XzLY4OvU40cLwwsfl6m?= =?us-ascii?Q?AW2MA1Prk0Gg9XXLZ1nvg9XU45VtfAkTN1vV3xIlEU0NPQJK/Pg10c/BSbpn?= =?us-ascii?Q?e19qOgezHNznJ3ZbBTXNfcQlTHMmE2C7FEM8e5c3fwNm3q6uCczFRNCaK10w?= =?us-ascii?Q?vIv5se+ZX5vGLUxD2jXEBaCKrUfxgdUJhVKzaHv3TbApMjATzmuQBJTu0hEs?= =?us-ascii?Q?V+ylgxIJtf/vLT8kNJ2waGzhZq/JvOnpgj9Qc0+FwWtDM5VrcJXAcvn4CaV/?= =?us-ascii?Q?A7j9rx6FVJ0iHx59lE8V5sL7biYOqLE5smku0/0zszBHdLx1zBAZeg4ud3zr?= =?us-ascii?Q?iI7uYyzcdRsT43l5gW5yGEsh/rJjEaVugTTNYX8nssdnz1Cd8m8hLl7zvPl0?= =?us-ascii?Q?HzqlXupbnagYNDEXMGNC2UgbSa3oNkYmAgxdVLaRzCFd65038OH4aCKjTyr6?= =?us-ascii?Q?hd561Mhu7zYblUUtyVeEEJU0tqsBjnLfM2M7vN5k1KZmPRLkv1W2yU4em0KE?= =?us-ascii?Q?HOG+6BQYZufZefOOEYgsOVhhWOFiQGuhwt9wWR7z5TIimZF4Ns8/Jbbfevdw?= =?us-ascii?Q?Aw=3D=3D?=
Content-Type: multipart/alternative; boundary="_000_BL3PR11MB56826CB10DB7EAD8A920B1D9C1929BL3PR11MB5682namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BL3PR11MB5682.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: ad5cf8df-04e0-4c9d-e6de-08d9a3cd2270
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Nov 2021 22:06:08.9351 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ZPUYbMmZQqefK0Akk9J3R92lVUobxdHZ3yzzjQsU2ZuXUbu/c7CzXGqbzemPPhyBtJBoEHEt2sH0KpdvFiB4HA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB4206
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.22, xbe-rcd-007.cisco.com
X-Outbound-Node: rcdn-core-12.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/r5aOjK52zNZvec4ho0KXD66K2L8>
Subject: [Suit] Notes on your usage of HSS-LMS
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Nov 2021 22:06:21 -0000

Hi,

   I saw that you were using HSS-LMS as one of your signature algorithms; I thought it would be appropriate if I were to make comments on the slides that Brandon presented:


  *   Fixed number of signatures possible
This is true; however when you generate the HSS-LMS private key, you select the number of signatures possible.  It is usually fairly easy to set the limit to something considerably more than you'll ever need.  For example, if you believe you'll never sign more than a billion updates (enough for one per second for 30 years), then you can set the limit that high (perhaps with a two level HSS structure consisting of two LMS trees of height 15 each).

  *   Signatures are >1kB.
This is true for the parameter sets defined in the RFC.  On the other hand, the draft draft-fluhrer-lms-more-parm-sets (which will hopefully become an RFC soon) defines parameter sets with signatures about half as long as what you use now - still not anywhere close to what ECDSA can do, but it's better than what you have now (cost: those parameter sets do have reduced security; however that security reduction is from "insane overkill" to "quite conservative", and yes, it's still postquantum)

  *   Verification time

I suspect you did your performance testing with "W=8" (which is the "reduce signature size at the cost of computation" option); if you need to speed up the verification, you can select a parameter set with "W=4"; verification with that should be about 8 times faster (at the cost of having signatures which are about twice as large; no security change).  Going even further we have "W=2", which is about twice as fast as "W=4" (with about another doubling of the signature size).


And, if you have any further questions about HSS-LMS, or you need some help, feel free to ask - I've been working on it for an embarrassingly long time, and I'm glad to see it being used.

Thanks!

v2.8.7 | Report a Bug | By Email