SHRINCS: 324-byte stateful post-quantum signatures with static backups

Dec 11 - Jan 27, 2026

  • SHRINCS, a hybrid signature scheme, integrates the efficiency of stateful hash-based signatures with the robustness of stateless ones.

It utilizes an unbalanced XMSS tree for stateful operations alongside a variant of SPHINCS+ for stateless operations, enabling efficient operations under normal circumstances and providing a reliable fallback if the state is lost or corrupted. The scheme's design allows for seamless operation between stateful and stateless modes, depending on the state's integrity. This dual-mode functionality is supported through key generation, restoration, signing, and verification processes. The initial setup involves using a master seed to generate secret keys for both schemes, from which public keys are derived. SHRINCS employs the stateful signing mechanism for its efficiency when the state is intact but defaults to the stateless signing method if the state is considered lost.

In the post-quantum cryptography (PQC) part of the discussion, the adequacy of a 128-bit security level against quantum attacks using Grover's algorithm is critically examined. The discussion notes that a 128-bit key effectively offers a 64-bit security level against such attacks, raising the question of its long-term viability against adversaries with quantum computing capabilities. It stresses the need to evaluate cryptographic strength with quantum-resistant metrics and to account for the cost of evaluating the hash function circuit in each iteration of Grover's algorithm. It further discusses the specifics of the SHRINCS signature scheme at NIST security level 3, indicating a minimum signature size based on certain parameters, and emphasizes the role of checksums in preventing specific types of attacks in the Winternitz One-Time Signature scheme (WOTS) and its variant WOTS+.
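The checksum point above is easiest to see in code. The following is an added illustration written for this summary, not code from the SHRINCS proposal or from any XMSS/SPHINCS+ library: a minimal plain WOTS (Winternitz parameter w = 16, SHA-256 as the chain function, no WOTS+ bitmasks) with key generation, signing and verification, plus a check of the property the checksum provides. A WOTS signature reveals, for each chain, an intermediate value at a position given by one base-w digit of the message digest; anyone can walk a chain forward by hashing, so the only thing that prevents turning a signature on one message into a signature on another is that some chain would have to be walked backwards, which requires a preimage. The checksum digits are defined so that raising any message digit necessarily lowers a checksum digit, so every pair of distinct digit vectors requires a backward step somewhere. The seed and messages below are constructed sample values.

```python
import hashlib

N = 32                     # hash output length in bytes (security parameter n)
W = 16                     # Winternitz parameter: each chain encodes one 4-bit digit
LOG_W = 4
LEN1 = (8 * N) // LOG_W    # 64 digits cover the 256-bit message digest
LEN2 = 3                   # checksum digits: max checksum 64*15 = 960 < 16**3
LEN = LEN1 + LEN2          # 67 hash chains in total


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def chain(x: bytes, start: int, steps: int) -> bytes:
    """Walk a hash chain forward from position `start` for `steps` steps.
    The position is mixed in so that each step uses a distinct function
    (plain WOTS; WOTS+ would additionally XOR a public per-step mask into x)."""
    for i in range(start, start + steps):
        x = H(bytes([i]) + x)
    return x


def base_w(data: bytes, out_len: int) -> list[int]:
    """Split bytes into 4-bit digits (w = 16), keeping the first out_len digits."""
    digits = []
    for byte in data:
        digits.append(byte >> 4)
        digits.append(byte & 0x0F)
    return digits[:out_len]


def checksum_digits(msg_digits: list[int]) -> list[int]:
    """Checksum = sum over digits of (w-1-d), written as LEN2 base-w digits.
    Increasing any message digit strictly decreases this number."""
    csum = sum(W - 1 - d for d in msg_digits)
    return [(csum >> (LOG_W * (LEN2 - 1 - i))) & (W - 1) for i in range(LEN2)]


def message_digits(msg: bytes) -> list[int]:
    """Digit vector actually signed: digest digits followed by checksum digits."""
    d = base_w(H(msg), LEN1)
    return d + checksum_digits(d)


def keygen(seed: bytes):
    """Derive LEN chain secrets from a seed; the public key is each chain's end."""
    sk = [H(seed + bytes([i])) for i in range(LEN)]
    pk = [chain(s, 0, W - 1) for s in sk]
    return sk, pk


def sign(sk: list[bytes], msg: bytes) -> list[bytes]:
    """One-time signature: reveal chain i advanced to position digit_i."""
    return [chain(sk[i], 0, d) for i, d in enumerate(message_digits(msg))]


def verify(pk: list[bytes], msg: bytes, sig: list[bytes]) -> bool:
    """Finish every chain from the revealed position and compare with the public key."""
    digits = message_digits(msg)
    return all(chain(sig[i], d, W - 1 - d) == pk[i] for i, d in enumerate(digits))


def needs_chain_reversal(msg_a: bytes, msg_b: bytes) -> bool:
    """True if adapting a signature on msg_a to msg_b would require walking some
    chain backwards (inverting H). Thanks to the checksum this is always the case
    for distinct digit vectors; without it, a message whose digits are all >= the
    signed one's could be signed by hashing forward alone."""
    a, b = message_digits(msg_a), message_digits(msg_b)
    return any(db < da for da, db in zip(a, b))


if __name__ == "__main__":
    sk, pk = keygen(b"constructed demo seed, not a real key")
    sig = sign(sk, b"sample message")
    print("valid:", verify(pk, b"sample message", sig))
    print("tampered:", verify(pk, b"sample messagf", sig))
    print("reversal needed:", needs_chain_reversal(b"sample message", b"sample messagf"))
```

The `needs_chain_reversal` check is the defender's view of the discussion's point: it does not produce any forgery, it only reports whether the checksum has done its job for a given pair of messages. Removing `checksum_digits` from `message_digits` is enough to find pairs for which it returns `False`, which is exactly the class of attack the checksum rules out; the same construction is the one-time building block inside both XMSS and SPHINCS+, so the property carries over to both SHRINCS modes.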

The WOTS scheme's vulnerability to specialized hardware capable of generating alternative signatures is discussed, suggesting methods to enhance the immutability of WOTS signatures. A strategic modification to the Extended Merkle Signature Scheme (XMSS) proposes a directionless structure for enhancing privacy within blockchain transactions. Additionally, the deployment of dedicated signing devices and the use of Trusted Platform Module (TPM) technology for secure state management in cryptographic signing processes like SHRINCS are explored, reflecting on the challenges and considerations related to security, efficiency, and operational feasibility.

The conversation also addresses concerns over wallet software not being able to confirm with certainty whether its seed is in use across multiple devices, highlighting the risks associated with copying wallet data files between computers. It suggests mechanisms to prevent errors related to state mismanagement and explores innovative approaches towards ensuring the security of state information, including storing decryption keys in TPMs to protect encrypted state data from unauthorized access. Lastly, the potential risks associated with restoring a disk backup containing an old wallet state and the interaction between backups and key management in maintaining cryptographic operations' security are contemplated, suggesting a need for robust security measures to prevent the misuse of cryptographic keys.
