Towards a Provably Secure State Management (Q21c)
Stateful hash-based signature schemes such as LMS and XMSS are highly mature, but they leave the user with the task of managing the signing state correctly: every one-time key inside the key pair may be used for exactly one signature, so the record of which keys have already been consumed must be advanced reliably before each signature is released. Several solutions exist in practice, yet when they are applied in distributed settings they typically share one weak step: the state has to be handled manually at the outset. This weak step poses an unpredictable risk for long-term security use cases. What is needed is a state management system that relies entirely on cryptographic protection and whose security is provable. In this talk the speakers present novel results that lead to a security proof of a distributed state management system in the Universal Composability (UC) model. Security in the UC model is preserved even when the state management system is composed with, or embedded in, more complex systems.
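To make concrete why the signing state, and in particular its manual handling, is the weak point the abstract refers to, here is an added toy example (not part of the talk or the speakers' system, and not LMS or XMSS): a stateful scheme built from Lamport one-time keys in which the signer commits the next key index to storage before a signature leaves the signing routine. Restoring that storage from a stale backup, a classic operational mistake, makes a second signer reuse the same one-time key; two signatures under one Lamport key reveal enough preimages that an attacker can forge a signature on an unrelated message. Assumptions for illustration only: the message digest is truncated to 16 bits so the forgery search finishes instantly (real schemes use 256), the leaves are kept as a flat list instead of a Merkle tree, a Python dict stands in for durable state storage, and all messages, seeds and names are constructed here.

```python
"""Toy stateful hash-based signature (Lamport one-time keys, flat leaf list)
showing why the signing state is security critical.  Illustration only."""
import hashlib

# Toy digest width so the forgery search below finishes instantly.
# Real one-time signature schemes use a 256-bit digest.
DIGEST_BITS = 16


def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def digest_bits(msg: bytes):
    """Message digest as a list of DIGEST_BITS bits, most significant first."""
    d = h(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(DIGEST_BITS)]


def lamport_keygen(seed: bytes):
    """Lamport one-time key: one secret preimage per (bit position, bit value)."""
    sk = [[h(seed + bytes([i, b])) for b in (0, 1)] for i in range(DIGEST_BITS)]
    pk = [[h(x) for x in pair] for pair in sk]
    return sk, pk


def lamport_sign(sk, msg: bytes):
    """Reveal, for every digest bit, the preimage matching that bit value."""
    return [sk[i][b] for i, b in enumerate(digest_bits(msg))]


def lamport_verify(pk, msg: bytes, sig) -> bool:
    return len(sig) == DIGEST_BITS and all(
        h(sig[i]) == pk[i][b] for i, b in enumerate(digest_bits(msg)))


class StatefulSigner:
    """N one-time keys derived from a seed; `store` stands in for durable state storage."""

    def __init__(self, seed: bytes, n_keys: int, store: dict):
        self.seed, self.n, self.store = seed, n_keys, store
        self.store.setdefault("next_index", 0)

    def _leaf(self, idx: int):
        return lamport_keygen(self.seed + idx.to_bytes(4, "big"))

    def public_key(self):
        return [self._leaf(i)[1] for i in range(self.n)]

    def remaining(self) -> int:
        return self.n - self.store["next_index"]

    def sign(self, msg: bytes):
        idx = self.store["next_index"]
        if idx >= self.n:
            raise RuntimeError("all one-time keys used; key pair is exhausted")
        # Advance and persist the state BEFORE the signature is released: a crash
        # after this line wastes one key, a crash before it could reuse one.
        self.store["next_index"] = idx + 1
        sk, _ = self._leaf(idx)
        return idx, lamport_sign(sk, msg)


def verify(public_key, msg: bytes, sig) -> bool:
    idx, ots_sig = sig
    return 0 <= idx < len(public_key) and lamport_verify(public_key[idx], msg, ots_sig)


def forge_from_reuse(leaked, target: bytes):
    """Given signatures made with the SAME one-time key on different messages,
    assemble a signature on `target` if every digest bit of `target` already has
    a revealed preimage; return None if some bit is still uncovered."""
    known = {}  # (bit position, bit value) -> revealed preimage
    for msg, ots_sig in leaked:
        for i, b in enumerate(digest_bits(msg)):
            known[(i, b)] = ots_sig[i]
    try:
        return [known[(i, b)] for i, b in enumerate(digest_bits(target))]
    except KeyError:
        return None


def find_forgery(leaked, idx: int, candidates):
    """Search candidate messages for one an attacker can sign under leaf `idx`
    using only the leaked signatures."""
    signed = {m for m, _ in leaked}
    for target in candidates:
        if target in signed:
            continue
        ots_sig = forge_from_reuse(leaked, target)
        if ots_sig is not None:
            return target, (idx, ots_sig)
    return None


def demo():
    """Stale-backup scenario: two signers end up using the same one-time key."""
    store = {}                                        # live state (constructed)
    signer = StatefulSigner(b"demo-seed", 8, store)
    pk = signer.public_key()
    backup = dict(store)                              # operator snapshots state before signing
    m1 = b"transfer 10 to alice"
    sig1 = signer.sign(m1)
    restored = StatefulSigner(b"demo-seed", 8, backup)  # "restored from backup": stale index
    m2 = b"transfer 20 to bob"
    sig2 = restored.sign(m2)
    candidates = [b"transfer 1000000 to mallory #%d" % i for i in range(4000)]
    forgery = find_forgery([(m1, sig1[1]), (m2, sig2[1])], sig1[0], candidates)
    return {"pk": pk, "m1": m1, "sig1": sig1, "m2": m2, "sig2": sig2,
            "reused": sig1[0] == sig2[0], "forgery": forgery}
```

Running `demo()` shows both signers using leaf index 0 and a valid signature on a message neither of them ever signed. The only defence in this toy is the commit-before-release rule inside `sign`, and it is defeated the moment the state is copied or restored by hand; that is the gap a cryptographically protected, provably secure state management system is meant to close.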
