Modes of Operation for Digital Signature Schemes (U32a)
Modes of operation have long been established in cryptography as a way to add functionality to an underlying cryptographic technique. Most of the work on modes historically has focused on block ciphers, resulting in various block cipher modes designed for particular operational and security objectives. We propose a similar effort towards standardizing and deploying modes of operation of digital signature algorithms. Recent developments in post-quantum cryptography demonstrate several approaches that could be considered early examples of signature modes: the “pure” and “pre-hash” variants proposed by NIST in FIPS 204 and 205; “hybrid” techniques that combine traditional and post-quantum signature algorithms; and Merkle tree-based approaches that reduce operational impact by signing hash values representing multiple messages. This talk will provide an overview of recent work, outline some of the design considerations for signature modes, and discuss the potential impact of signature modes on cryptographic module design and implementation.