{"id":31784029,"url":"https://github.com/b-wagn/hash-sig","last_synced_at":"2025-10-10T11:00:16.924Z","repository":{"id":263437260,"uuid":"872367011","full_name":"b-wagn/hash-sig","owner":"b-wagn","description":"Prototype Rust implementation of hash-based signatures. See https://eprint.iacr.org/2025/055.pdf","archived":false,"fork":false,"pushed_at":"2025-09-08T08:14:34.000Z","size":40234,"stargazers_count":33,"open_issues_count":7,"forks_count":18,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-09-08T08:27:56.265Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/b-wagn.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2024-10-14T10:10:02.000Z","updated_at":"2025-09-08T08:14:38.000Z","dependencies_parsed_at":"2025-01-02T09:32:15.902Z","dependency_job_id":"e4146e0d-1f7a-410b-9432-85ba27b76be0","html_url":"https://github.com/b-wagn/hash-sig","commit_stats":null,"previous_names":["b-wagn/hash-sig"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/b-wagn/hash-sig","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/b-wagn%2Fhash-sig","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/b-wagn%2Fhash-sig/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/b-wagn%2Fhash-sig/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hos
ts/GitHub/repositories/b-wagn%2Fhash-sig/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/b-wagn","download_url":"https://codeload.github.com/b-wagn/hash-sig/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/b-wagn%2Fhash-sig/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279003564,"owners_count":26083595,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-10T02:00:06.843Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-10-10T10:59:55.362Z","updated_at":"2025-10-10T11:00:16.919Z","avatar_url":"https://github.com/b-wagn.png","language":"Rust","funding_links":[],"categories":["6. Research Reading List","Network \u0026 Web"],"sub_categories":["Hash-Based Multi-Signatures","Web3 Framework"],"readme":"# Hash-Based Signatures in Rust\n\nThis repository contains a *prototypical* Rust implementation of (synchronized) signatures based on tweakable hash functions and incomparable encodings.\nThe code has not been audited and is not meant to be used in production. It is a playground to explore and benchmark these signatures. 
Use it at your own risk.\n\n*Note: Rust version \u003e= 1.87 is required.*\n\n## Signature Interface\n\nIf you want to use this library, the main interface is that of a *(synchronized) signature scheme*, which is defined in the [Signature trait](https://github.com/b-wagn/hash-sig/blob/main/src/signature.rs). Here is a summary:\n- A function `key_gen` to generate keys.\n- A function `sign` to sign messages using the secret key with respect to an epoch.\n- A function `verify` to verify signatures for a given message, public key, and epoch.\n\nImportantly, each pair of secret key and epoch must not be used twice as input to `sign`.\n\nFor a signature scheme `T: SignatureScheme`, an example of using this interface may look as follows:\n```rust\n// generate keys, active from epoch 0 (assume we have an rng)\nlet activation_duration = T::LIFETIME as usize;\nlet (pk, sk) = T::key_gen(\u0026mut rng, 0, activation_duration);\n\n// sign a random message for a random epoch\n// (each pair of secret key and epoch must be passed to `sign` at most once)\nlet message = rng.random();\nlet epoch = rng.random_range(0..activation_duration) as u32;\nlet sig = T::sign(\u0026mut rng, \u0026sk, epoch, \u0026message);\n\n// verify the signature\nlet is_valid = T::verify(\u0026pk, epoch, \u0026message, \u0026sig);\n```\n\nSee also function `test_signature_scheme_correctness` in [this file](https://github.com/b-wagn/hash-sig/blob/main/src/signature.rs).\n\n## Schemes\nThe code implements a generic framework from [this paper](https://eprint.iacr.org/2025/055.pdf), which builds XMSS-like hash-based signatures from a primitive called incomparable encodings.\nHardcoded instantiations of this generic framework (using SHA3 or Poseidon2) are defined in `hashsig::signature::generalized_xmss`.\nThe parameters have been chosen based on the analysis in the paper using Python scripts. 
Details are as follows:\n\n| Submodule        | Paper / Documentation                                     | Parameters Set With     |\n|---------------|-----------------------------------------------------------|--------------------------|\n| `instantiations_sha::*`        | [original paper](https://eprint.iacr.org/2025/055.pdf)    | [this repository](https://github.com/b-wagn/hashsig-parameters)   |\n| `instantiations_poseidon::*`   | [original paper](https://eprint.iacr.org/2025/055.pdf)    | [this repository](https://github.com/b-wagn/hashsig-parameters)   |\n| `instantiations_poseidon_top_level::*`   | [this document](https://eprint.iacr.org/2025/1332), inspired by [this](https://eprint.iacr.org/2025/889.pdf)  | [this repository](https://github.com/b-wagn/hypercube-hashsig-parameters)   |\n\nInstantiations for different key lifetimes and different encodings are given in these modules.\n\n## Tests\n\nRun the tests with\n\n```\ncargo test\n```\n\nBy default, this will exclude some of the tests. In particular, correctness tests for real instantiations take quite long and are excluded.\nIf you want to run *all* tests, you can use\n\n```\ncargo test --release --features slow-tests\n```\n\nRemoving the `--release` is also an option but tests will take even longer.\n\n## Benchmarks\n\nBenchmarks are provided using criterion.\nThey take a while, as key generation is expensive, and as a large number of schemes are benchmarked.\nRun them with\n\n```\ncargo bench\n```\n\nThe schemes that are benchmarked are hardcoded instantiations of the generic framework, which are defined in `hashsig::signature::generalized_xmss`.\nThe parameters of these instantiations have been chosen carefully with the aim to achieve a desired security level.\nBy default, key generation is not benchmarked. There are two options to benchmark it:\n1. 
add the option `--features with-gen-benches-sha` or `--features with-gen-benches-poseidon` or `--features with-gen-benches-poseidon-top-level` to `cargo bench`. Note that this will make benchmarks very slow, as key generation will be repeated within the benchmarks. Especially for Poseidon, this is not recommended.\n2. use code similar to the one provided in `src/bin/main.rs` and run it with `cargo run --release`.\n\nIf criterion only generates json files, one way to extract all means for all benchmarks easily (without re-running criterion) is to run\n\n```\npython3 benchmark-mean.py target\n```\n\nConfidence intervals can also be shown via\n\n```\npython3 benchmark-mean.py target --intervals\n```\n\n## License\n\nApache Version 2.0.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fb-wagn%2Fhash-sig","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fb-wagn%2Fhash-sig","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fb-wagn%2Fhash-sig/lists"}