Managing nodes of a cryptographic hash tree in a hash-based digital signature scheme
First Claim
1. A method comprising:
- storing nodes of a cryptographic hash tree in a buffer memory, wherein storing the nodes in the buffer memory comprises:
  - storing a first subset of nodes of an active subtree in a first set of indexed locations in the buffer memory; and
  - storing a second subset of nodes of a future subtree in a second set of indexed locations in the buffer memory, wherein the active subtree and the future subtree are non-overlapping subtrees of the same size;
- generating a one-time signature (OTS) based on a signing key associated with a current value of a signing index, wherein the current value of the signing index is associated with a current leaf node of the active subtree;
- generating an authentication path for the OTS based on the current value of the signing index, wherein generating the authentication path comprises retrieving one or more of the first subset of nodes from the buffer memory;
- providing a digital signature for transmission to a message recipient, the digital signature comprising the OTS and the authentication path;
- calculating a new node of the future subtree based on the current value of the signing index;
- storing the new node of the future subtree in the buffer memory; and
- advancing the signing index from the current value to a next value of the signing index.
Abstract
In some aspects, nodes of a cryptographic hash tree are stored in a buffer memory. Nodes of an active subtree are stored in a first set of indexed locations in the buffer memory, and nodes of a future subtree are stored in a second set of indexed locations in the buffer memory. A one-time signature (OTS) is generated based on a signing key associated with a current value of a signing index. An authentication path for the OTS is generated by retrieving a subset of the nodes from the buffer memory. A new node of the future subtree is calculated based on the current value of the signing index and stored in the buffer memory. The signing index is then advanced from the current value to a next value of the signing index.
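The buffer management described in the abstract, as an added Python example (not code from the patent). Assumptions: SHA-256, a subtree height of 3, heap-style node indexing, a `leaf()` stand-in for the hash of the OTS public key, one new future leaf per signature, and an authentication path that stops at the active subtree's root; the names `Signer`, `sign_step`, `build` and `root_from_path` are hypothetical.

```python
import hashlib

HEIGHT = 3            # assumed subtree height
N = 1 << HEIGHT       # leaves per subtree

def H(*parts):
    return hashlib.sha256(b"".join(parts)).digest()

def leaf(seed, index):
    # Stand-in for the hash of the OTS public key tied to this signing index.
    return H(b"leaf", seed, index.to_bytes(4, "big"))

def build(seed, first):
    """Reference subtree over leaves first..first+N-1; heap layout, node 1 is the root."""
    t = [b""] * (2 * N)
    t[N:] = [leaf(seed, first + i) for i in range(N)]
    for k in range(N - 1, 0, -1):
        t[k] = H(t[2 * k], t[2 * k + 1])
    return t

class Signer:
    def __init__(self, seed):
        self.seed, self.index = seed, 0
        # One buffer, two sets of indexed locations: active first, then future.
        self.buf = build(seed, 0) + [b""] * (2 * N)
        self.active, self.future = 0, 2 * N

    def sign_step(self):
        """Return (index, subtree auth path), grow the future subtree, advance."""
        idx, path = self.index, []
        j = k = N + idx % N
        while j > 1:                       # siblings are read from the buffer
            path.append(self.buf[self.active + (j ^ 1)])
            j >>= 1
        # The current signing index selects the future-subtree leaf to compute,
        self.buf[self.future + k] = leaf(self.seed, idx + N)
        while k > 1 and k & 1:             # plus every parent that leaf completes.
            k >>= 1
            self.buf[self.future + k] = H(self.buf[self.future + 2 * k],
                                          self.buf[self.future + 2 * k + 1])
        self.index += 1
        if self.index % N == 0:            # active exhausted: future takes over
            self.active, self.future = self.future, self.active
        return idx, path

def root_from_path(node, pos, path):
    for sib in path:
        node = H(sib, node) if pos & 1 else H(node, sib)
        pos >>= 1
    return node
```

Because each call finishes one leaf of the future subtree and any parents that leaf completes, the future subtree is whole exactly when the active one runs out of leaves, so the swap needs no extra hashing.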
30 Claims
13. A computer system, comprising:
- a buffer memory;
- one or more processors; and
- memory storing instructions that are operable when executed by the one or more processors to perform operations comprising:
  - storing nodes of a cryptographic hash tree in the buffer memory, wherein storing the nodes in the buffer memory comprises:
    - storing a first subset of nodes of an active subtree in a first set of indexed locations in the buffer memory; and
    - storing a second subset of nodes of a future subtree in a second set of indexed locations in the buffer memory, wherein the active subtree and the future subtree are non-overlapping subtrees of the same size;
  - generating a one-time signature (OTS) based on a signing key associated with a current value of a signing index, wherein the current value of the signing index is associated with a current leaf node of the active subtree;
  - generating an authentication path for the OTS based on the current value of the signing index, wherein generating the authentication path comprises retrieving one or more of the first subset of nodes from the buffer memory;
  - providing a digital signature for transmission to a message recipient, the digital signature comprising the OTS and the authentication path;
  - calculating a new node of the future subtree based on the current value of the signing index;
  - storing the new node of the future subtree in the buffer memory; and
  - advancing the signing index from the current value to a next value of the signing index.
22. A non-transitory computer-readable medium storing instructions that are operable when executed by data processing apparatus to perform operations comprising:
- storing nodes of a cryptographic hash tree in a buffer memory, wherein storing the nodes in the buffer memory comprises:
  - storing a first subset of nodes of an active subtree in a first set of indexed locations in the buffer memory; and
  - storing a second subset of nodes of a future subtree in a second set of indexed locations in the buffer memory, wherein the active subtree and the future subtree are non-overlapping subtrees of the same size;
- generating a one-time signature (OTS) based on a signing key associated with a current value of a signing index, wherein the current value of the signing index is associated with a current leaf node of the active subtree;
- generating an authentication path for the OTS based on the current value of the signing index, wherein generating the authentication path comprises retrieving one or more of the first subset of nodes from the buffer memory;
- providing a digital signature for transmission to a message recipient, the digital signature comprising the OTS and the authentication path;
- calculating a new node of the future subtree based on the current value of the signing index;
- storing the new node of the future subtree in the buffer memory; and
- advancing the signing index from the current value to a next value of the signing index.
Specification