Why don't we use hash-based digital signatures everywhere?

I’ve read about hash-based signature schemes like Lamport and SPHINCS, which are considered quantum-resistant. However, I see that RSA and ECDSA are still dominant.

If hash-based signatures are theoretically more secure against quantum attacks, why aren’t they widely adopted? Are there significant drawbacks, such as performance or compatibility issues, that prevent them from being practical for general use?
Feb 6 in Cyber Security & Ethical Hacking by Anupam

1 answer to this question.


Hash-based digital signature schemes, such as Lamport and SPHINCS, are indeed recognized for their quantum-resistant properties. Despite this advantage, RSA and ECDSA remain prevalent in many applications. The limited adoption of hash-based signatures can be attributed to several factors:

1. Performance Considerations:

  • Signature and Key Sizes: Hash-based signatures often result in larger signature sizes compared to traditional schemes. For instance, the original Lamport signature scheme produces signatures that are significantly larger than those generated by RSA or ECDSA. This increase in size can lead to higher storage and transmission requirements, which may not be suitable for all applications.

  • Computational Efficiency: Some hash-based schemes exhibit slower performance, especially during key generation and signing processes. For example, certain hash-based signature schemes have relatively slow runtimes compared to other alternatives, particularly in key generation.

2. State Management Challenges:

  • Statefulness: Many hash-based signature schemes are stateful, meaning they require careful tracking of used keys to maintain security. If a one-time signing key is reused, it can compromise the scheme's integrity. Managing this state across distributed systems or in environments where reliability is critical can be complex and error-prone.

3. Compatibility and Standardization:

  • Integration Difficulties: Integrating hash-based signatures into existing infrastructures can pose challenges. Many current systems and protocols are optimized for traditional signature algorithms, and adopting hash-based schemes may require significant modifications.

  • Standardization: While there has been progress in standardizing hash-based signatures, such as the approval of stateful schemes like XMSS and LMS by NIST, widespread adoption is still underway. Organizations often wait for mature standards and widespread industry acceptance before transitioning to new cryptographic methods.

Use Cases and Examples

  • Firmware and Software Updates: Hash-based signatures are well-suited for signing firmware and software updates, where the number of required signatures can be predetermined, and the environment is controlled. For instance, XMSS has been deployed in OpenSSH for this purpose.

  • Long-Term Security: Applications that require long-term security assurances, such as archival systems, can benefit from the quantum-resistant properties of hash-based signatures.

answered Feb 11 by CaLLmeDaDDY
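The size and state-management points in the answer above are easiest to see with a concrete scheme. What follows is an added example, not code from the question or the answer: a minimal Lamport one-time signature over SHA-256 written for this page. It exposes the key and signature sizes the answer mentions, wraps the key in a small stateful signer that refuses a second use, and includes a `forge` routine showing what an attacker can do with two signatures from the same one-time key. Function names (`keygen`, `sign`, `verify`, `OneTimeSigner`, `forge`) are this example's own, the two "digests" fed to `forge` in the usage note are deliberately constructed extremes, and the code is pedagogical rather than a production implementation.

```python
"""Added example (not part of the original question or answer): a minimal
Lamport one-time signature over SHA-256.  It demonstrates (1) the key and
signature sizes, (2) why the scheme is stateful, and (3) what key reuse
leaks.  Pedagogical only; use a reviewed XMSS/LMS/SPHINCS+ implementation
in production."""
import hashlib
import secrets

N = 32           # SHA-256 digest length in bytes
BITS = N * 8     # number of message-digest bits one key can sign (256)


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def keygen():
    """sk: 256 pairs of random 32-byte preimages; pk: their SHA-256 hashes."""
    sk = [(secrets.token_bytes(N), secrets.token_bytes(N)) for _ in range(BITS)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def bits_of(digest: bytes):
    """Yield the 256 bits of a digest, most significant bit of each byte first."""
    for byte in digest:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


def sign_digest(sk, digest: bytes) -> bytes:
    """Per bit i, reveal the preimage sk[i][bit]; the signature is 256 * 32 bytes."""
    return b"".join(sk[i][bit] for i, bit in enumerate(bits_of(digest)))


def verify_digest(pk, digest: bytes, sig: bytes) -> bool:
    if len(sig) != BITS * N:
        return False
    chunks = [sig[i * N:(i + 1) * N] for i in range(BITS)]
    return all(H(chunks[i]) == pk[i][bit] for i, bit in enumerate(bits_of(digest)))


def sign(sk, message: bytes) -> bytes:
    return sign_digest(sk, H(message))


def verify(pk, message: bytes, sig: bytes) -> bool:
    return verify_digest(pk, H(message), sig)


class OneTimeSigner:
    """The 'state' the answer refers to: a key that must not sign twice."""

    def __init__(self):
        self.sk, self.pk = keygen()
        self.used = False

    def sign(self, message: bytes) -> bytes:
        if self.used:
            raise RuntimeError("Lamport key already used; a second signature leaks preimages")
        self.used = True
        return sign(self.sk, message)


def forge(pk, sig1: bytes, digest1: bytes, sig2: bytes, digest2: bytes, target: bytes):
    """Attacker's view after a key reuse: two (signature, digest) pairs.
    Returns a valid signature on `target` if, at every bit position, the
    target's bit equals the bit of digest1 or digest2 there (so the needed
    preimage was already revealed); otherwise None."""
    known = [dict() for _ in range(BITS)]          # position -> {bit: preimage}
    for sig, digest in ((sig1, digest1), (sig2, digest2)):
        for i, bit in enumerate(bits_of(digest)):
            known[i][bit] = sig[i * N:(i + 1) * N]
    parts = []
    for i, bit in enumerate(bits_of(target)):
        if bit not in known[i]:
            return None
        parts.append(known[i][bit])
    forged = b"".join(parts)
    assert verify_digest(pk, target, forged)       # sanity check on the forgery
    return forged


def sizes() -> dict:
    """Byte counts behind the 'signature and key size' drawback."""
    sk, pk = keygen()
    return {"secret_key": BITS * 2 * N, "public_key": BITS * 2 * N,
            "signature": len(sign(sk, b"x"))}


if __name__ == "__main__":
    print(sizes())   # 16384-byte keys and an 8192-byte signature
    signer = OneTimeSigner()
    sig = signer.sign(b"firmware v1.2")
    print("valid:", verify(signer.pk, b"firmware v1.2", sig))
    # Constructed worst case for reuse: digests 0x00..00 and 0xff..ff reveal
    # both preimages at every position, so any later digest can be forged.
    d1, d2 = bytes(N), bytes([0xFF]) * N
    forged = forge(signer.pk, sign_digest(signer.sk, d1), d1,
                   sign_digest(signer.sk, d2), d2, H(b"malicious firmware"))
    print("forged after reuse:", verify(signer.pk, b"malicious firmware", forged))
```

The numbers are what the answer is alluding to: an 8192-byte signature and 16384-byte public key against roughly 64 bytes and 33 bytes for ECDSA P-256. Two random real messages leak, on average, both preimages at half the positions, which already halves the work of a brute-force forgery; the constructed all-zero and all-one digests are the extreme where everything is leaked. Schemes such as XMSS and LMS tie many one-time keys together with a Merkle tree and a leaf counter, which is why losing or restoring that counter (a VM snapshot, a failed-over HSM) is the operational hazard the answer calls "state management".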
