The IESG has received a request from the Post-Quantum Use In Protocols WG (pquip) to consider the following document: - 'Hash-based Signatures: State and Backup Management' <draft-ietf-pquip-hbs-state-02.txt> as Informational RFC
The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the [email protected] mailing lists by 2026-01-20. Exceptionally, comments may be sent to [email protected] instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract Stateful Hash-Based Signature Schemes (Stateful HBS) such as LMS, HSS, XMSS and XMSS^MT combine Merkle trees with One-Time Signatures (OTS) to provide signatures that are resistant against attacks using large-scale quantum computers. Unlike conventional stateless digital signature schemes, Stateful HBS have a state to keep track of which OTS keys have been used, as double-signing with the same OTS key allows forgeries. This document provides guidance and catalogs security considerations for the operational and technical aspects of deploying systems that rely on Stateful HBS. Management of the state of the Stateful HBS, including any handling of redundant key material, is a sensitive topic. This document describes some approaches to handle the associated challenges. It also describes the challenges that need to be resolved before certain approaches should be considered. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-pquip-hbs-state/ No IPR declarations have been submitted directly on this I-D. _______________________________________________ IETF-Announce mailing list -- [email protected] To unsubscribe send an email to [email protected]
