Skip to main content
Skip main navigation
No Access

Keyless signature infrastructure and PKI: hash-tree signatures in pre- and post-quantum world

Published Online:pp 117-130https://doi.org/10.1504/IJSTM.2017.081881

Multi-tenancy in the cloud environment brings new challenges to data security including but not limited to trust, data and system integrity and the overhead of cryptographic key management. These challenges can be efficiently addressed using novel data signing schemes. We compare personal digital signature solutions provided by public key infrastructure (PKI) and keyless signature infrastructure (KSI) and describe how these technologies can support each other. We discuss some ways of integrating a personal KSI service with external identity providers. As KSI can 'indemnify' PKI against the cryptographic threat of practical quantum computers, we delve into the post-quantum security of cryptographic hash functions and hash-and-publish signature schemes.

Keywords

public key infrastructure, PKI, keyless signature infrastructure, KSI, cryptographic hash functions, personal digital signatures, digital time-stamping, post-quantum security, hash tree signatures, cloud computing, data security, cryptographic key management, cryptography, quantum computing