Raef Coles | 8ff6df5 | 2021-07-21 12:42:15 +0100 | Features
Raef Coles | 2ad6e61 | 2022-08-24 13:33:35 +0100 | * Add the LMS post-quantum-safe stateful-hash asymmetric signature scheme.
  Signature verification is production-ready, but generation is for testing
  purposes only. This currently only supports one parameter set
  (LMS_SHA256_M32_H10), meaning that each private key can be used to sign
  1024 messages. As such, it is not intended for use in TLS, but instead for
  verification of assets transmitted over an insecure channel, particularly
  firmware images.
Raef Coles | 8ff6df5 | 2021-07-21 12:42:15 +0100 | * Add the LM-OTS post-quantum-safe one-time signature scheme, which is
  required for LMS. This can be used independently, but each key can only be
  used to sign one message so is impractical for most circumstances.
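
The one-message limit on an LM-OTS key, as an added example that is not Mbed TLS code: a Python model of LM-OTS key generation, signing and verification following the construction in RFC 8554. The SHA-256, n=32, w=8 parameter set is an assumption (the entry above does not name one), and the function names and the `used` flag are illustrative.

```python
import hashlib, hmac, os, struct

N, W, P = 32, 8, 34              # assumed set: SHA-256, n=32, w=8, p=34 chains
STEPS = 2**W - 1                 # length of each hash chain (255)
D_PBLC, D_MESG = 0x8080, 0x8181  # domain separators from RFC 8554

def _h(*parts):
    return hashlib.sha256(b"".join(parts)).digest()

def _chain(I, q, i, start, end, tmp):
    # Advance hash chain i from step `start` up to (not including) `end`.
    for j in range(start, end):
        tmp = _h(I, struct.pack(">IHB", q, i, j), tmp)
    return tmp

def _digits(I, q, C, msg):
    # Randomized message hash plus 16-bit checksum; with w=8 one byte = one digit.
    Q = _h(I, struct.pack(">IH", q, D_MESG), C, msg)
    return Q + struct.pack(">H", sum(STEPS - b for b in Q))

def keygen(I=None, q=0):
    I = I or os.urandom(16)
    priv = {"I": I, "q": q, "x": [os.urandom(N) for _ in range(P)], "used": False}
    y = [_chain(I, q, i, 0, STEPS, x) for i, x in enumerate(priv["x"])]
    return priv, (I, q, _h(I, struct.pack(">IH", q, D_PBLC), *y))

def sign(priv, msg):
    if priv["used"]:
        raise RuntimeError("LM-OTS key already used; refusing to sign again")
    priv["used"] = True          # consume the key before releasing a signature
    C = os.urandom(N)
    a = _digits(priv["I"], priv["q"], C, msg)
    return C, [_chain(priv["I"], priv["q"], i, 0, a[i], priv["x"][i]) for i in range(P)]

def verify(pub, msg, sig):
    I, q, K = pub
    C, y = sig
    if len(C) != N or len(y) != P or any(len(v) != N for v in y):
        return False
    a = _digits(I, q, C, msg)
    # Finish each chain from the signed position; the result must hash to K.
    z = [_chain(I, q, i, a[i], STEPS, y[i]) for i in range(P)]
    return hmac.compare_digest(_h(I, struct.pack(">IH", q, D_PBLC), *z), K)
```

In a real signer the consumed state has to be persisted before the signature leaves the device; an in-memory flag like this one is lost on restart.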