Research Article
Winternitz Signature Scheme Using Nonadjacent Forms
Algorithm 4
WSS-N security reduction algorithm.
| Input: security parameter , function key , one-way challenge and second preimage resistance challenge | | Output: a value that is either a preimage of or the second preimage for under or fail. | | 1. run Kg to generate a WSS-N key pair (sk, pk). | | 2. choose an index . | | 3. if then choose an index . | | 4. else choose an index . | | 5. if then | | a. if then set . | | b. else | | (1) choose an index . | | (2) obtain from , replacing by . | | c. obtain by setting | | ; | | ; | | ; | | | | 6. else | | a. if then set . | | b. else | | (1) choose an index . | | (2) obtain from , replacing by . | | c. obtain by setting | | ; | | ; | | ; | | | | 7. run . | | 8. if queries Sign with a message then | | a. compute as in Algorithm 2. | | b. if then return fail. | | c. generate a signature of of : | | (1) run . | | (2) set . | | d. reply to the query using . | | 9. if returns a valid then | | a. compute as in Algorithm 2. | | b. if then return fail. | | c. if and then return a preimage . | | d. else if and | | then return a preimage . | | e. else if then return a preimage . | | f. else if and | | then return the second preimage . | | 10. in any other cases, return fail. |
|
