HSS/LMS Crypto Documentation #140
Conversation
|
For internal review, @atreiber94, could you give the changes in ba720ba a quick scan? |
FAlbertDev
force-pushed
the
cryptodoc/hss_lms
branch
from
ba720ba
to
21f5a9a
Compare
|
Thanks for your review, @fluppe2, and thanks for reviewing my changes, @atreiber94. All suggestions are applied in 21f5a9a. |
reneme
force-pushed
the
cryptodoc/hss_lms
branch
2 times, most recently
from
7a4b470
to
c433b5e
Compare
|
Rebased to resolve pending merge conflicts. |
docs/cryptodoc/src/05_06_hss_lms.rst
Outdated
| ------------------- | ||
|
|
||
| The Hierarchical Signature System (HSS) with Leighton-Micali | ||
| Hash-Based Signatures (HSS/LMS) consists of three building blocks. |
There was a problem hiding this comment.
What are the three building blocks?
There was a problem hiding this comment.
Meant are OTS, LMS, and HSS. The term building blocks may be misleading. I'll go with multiple components.
docs/cryptodoc/src/05_06_hss_lms.rst
Outdated
| of a Merkle tree. This composition is the basis of the Leighton-Micali Signature (LMS) | ||
| method. The root node of the LMS Merkle tree defines its public key. [RFC8554]_ | ||
| also provides HSS, a hypertree composition of multiple LMS trees, where the leaves | ||
| of LMS trees sign the public keys of other LMS trees. |
There was a problem hiding this comment.
Terminology: sometimes its called an LMS tree and sometimes an LMS Merkle tree. Strictly speaking, no definition of a LMS Merkle tree has been given and maybe its sufficient to call it simply a Merkle tree throughout?
There was a problem hiding this comment.
Good catch! I agree that this is inconsistent. However, I prefer the term LMS tree, which is also frequently used within RFC 8554. I'll introduce the term better and make it more consistent, though.
FAlbertDev
force-pushed
the
cryptodoc/hss_lms
branch
from
bd4f2d5
to
752eea8
Compare
|
Rebased to |
FAlbertDev
force-pushed
the
cryptodoc/hss_lms
branch
2 times, most recently
from
02e1fac
to
8cee0fa
Compare
FAlbertDev
force-pushed
the
cryptodoc/hss_lms
branch
from
8cee0fa
to
9b450e9
Compare
reneme
force-pushed
the
cryptodoc/hss_lms
branch
from
9b450e9
to
709dc5b
Compare
|
Rebased to latest main, in the hope to fix the build. See #216. |
This is the documentation for Botan's HSS/LMS implementation according to RFC 8554. Botan's PR for HSS/LMS has yet to be thoroughly reviewed so some changes may occur even in this document.
I marked this PR as a draft to notify that the documentation still needs to be internally reviewed. Also, since Botan's PR still needs to be merged, the CI for this PR will fail due to the missing source links.