Review and analysis of classical algorithms and hash-based post-quantum algorithm

Abstract

Over the years, digital signature algorithms such as Rivest–Shamir–Adleman (RSA) and elliptic curve digital signature algorithm (ECDSA) are the commonly used algorithms to secure data in the public key infrastructure and other computing devices. The security notions of these algorithms relied on the difficulty of an attacker to solve the integer factorization problem used in RSA and the discrete logarithm problem in ECDSA. With the advent of quantum computers and the development of quantum algorithms, the security of data by cryptosystems are not secure. In this research, the authors carried out the review analysis of two classical algorithms (RSA, ECDSA) and hash-based signature schemes;Winternitz one time signature (W-OTS) and Merkle signature (MSS), their security strength, efficiency in terms of key generation time, signature generation and verification time. Two approaches were used: the algorithms prove of concepts which involved practical implementation of the selected hash-based signature schemes and the classical algorithms. From the results obtained and displayed in Table 8, the signature generation time of RSA and ECDSA were 0.08 ms and 0.02 ms as compared with MSS which has high values more than the RSA and ECDSA and it is 2.40 ms. The results showed that the two classical algorithms perform better in terms of the efficiency in key generation time, signature generation and verification time. However, the key generation time, signature generation and verification time increases when the key length increases. The security of the classical algorithms improved when the key length increase. Evidently an increase in signature verification time could lead to denial of service attack and quantum computer related attacks. The hash-based signature schemes in this research were considered to be the best alternative algorithms suitable for public key infrastructures considering the security properties exhibited by them. Their security depends on the hash function used and the collision resistant properties of the underlying hash function. Also the hash-based signature schemes are forward secure and uses collision resistant cryptographic hash function and a pseudorandom number generator as illustrated in Table 10.