Expand description

A Rust implementation of Leslie Lamport’s one-time signature scheme.

Intended for use with any hashing algorithm implementing RustCrypto’s digest trait. A list of such algorithms can be found here.

Example Usage

A KeyPair (consisting of a PublicKey and a PrivateKey) is generated using the specified hashing algorithm (in the below example, Sha256). The KeyPair can then be used to sign an arbitrary byte-encoded piece of data, consuming the KeyPair in the process. Thereafter, the produced Signature will be able to verify whether or not a passed piece of byte-encoded data is the message which it signs.

use lamport_ots::KeyPair;
use sha2::Sha256;

// Generate a randomized Public/Private KeyPair
let keypair = KeyPair::<Sha256>::generate();

// Use that KeyPair to generate a signature for passed data
let signature = keypair.sign(b"Hello world!");

// That signature can now verify the signed data
assert!(signature.verify(b"Hello world!"));
assert!(!signature.verify(b"Hello moon!"));

It must be stressed that each KeyPair can and should only be used to generate a single signature, in order to remain cryptographically secure. Signing subsequent pieces of data will require the generation of a fresh KeyPair.

An Important Note on Security:

While Lamport’s scheme is secure, this implementation thereof has not been guaranteed to be by any authority. Proceed with caution and at your own risk.

Structs

A PrivateKey/PublicKey pair with an associated hashing algorithm.

A one-time use private key, containing random data.

A one-time use public key, derived from a corresponding PrivateKey.

A signature signing a single piece of byte-encoded data under an associated hashing algorithm.