---
_id: '63403'
abstract:
- lang: eng
  text: "Stateful signatures like the NIST standardized signature schemes LMS and
    XMSS provide an efficient and mature realization of post-quantum secure signature
    schemes. They are recommended for long-term use cases such as firmware signing.
    However, stateful signature schemes require proper management of a so-called state.
    In stateful signature schemes like LMS and XMSS, signing keys consist of a set
    of keys of a one-time signature scheme and it has to be guaranteed that each one-time
    key is used only once. This is done by updating a state in each signature computation,
    basically recording which one-time keys have already been used. While this is
    straightforward in centralized systems, in distributed systems like secure enclaves
    consisting of, e.g., multiple hardware security modules (HSMs) with limited communication,
    keeping a distributed state that at any point in time is consistent among all
    parties involved presents a challenge. This challenge is not addressed by the
    current standardization processes. \r\nIn this paper we present a security model
    for the distributed key management of post-quantum secure stateful signatures
    like XMSS and LMS. We also present a simple, efficient, and easy to implement
    protocol proven secure in this security model, i.e. the protocol guarantees at
    any point in time a consistent state among the parties in a distributed system,
    like a distributed security enclave. The security model is defined in the universal
    composability (UC) framework by Ran Canetti by providing an ideal functionality
    for the distributed key management for stateful signatures. Hence our protocol
    remains secure even if arbitrarily composed with other instances of the same or
    other protocols, a necessity for the security of distributed key management protocols.
    Our main applications are security enclaves consisting of HSMs, but the model and
    the protocol can easily be adapted to other scenarios of distributed key management
    of stateful signature schemes."
author:
- first_name: Johannes
  full_name: Blömer, Johannes
  id: '23'
  last_name: Blömer
- first_name: Henrik
  full_name: Bröcher, Henrik
  id: '41047'
  last_name: Bröcher
  orcid: 0009-0008-3938-5485
- first_name: Volker
  full_name: Krummel, Volker
  last_name: Krummel
- first_name: Laurens Alexander
  full_name: Porzenheim, Laurens Alexander
  id: '47434'
  last_name: Porzenheim
citation:
  ama: Blömer J, Bröcher H, Krummel V, Porzenheim LA. Secure Distributed State Management
    for Stateful Signatures with a Practical and Universally Composable Protocol.
  apa: Blömer, J., Bröcher, H., Krummel, V., &#38; Porzenheim, L. A. (n.d.). <i>Secure
    Distributed State Management for Stateful Signatures with a Practical and Universally
    Composable Protocol</i>.
  bibtex: '@article{Blömer_Bröcher_Krummel_Porzenheim, title={Secure Distributed State
    Management for Stateful Signatures with a Practical and Universally Composable
    Protocol}, author={Blömer, Johannes and Bröcher, Henrik and Krummel, Volker and
    Porzenheim, Laurens Alexander} }'
  chicago: Blömer, Johannes, Henrik Bröcher, Volker Krummel, and Laurens Alexander
    Porzenheim. “Secure Distributed State Management for Stateful Signatures with
    a Practical and Universally Composable Protocol,” n.d.
  ieee: J. Blömer, H. Bröcher, V. Krummel, and L. A. Porzenheim, “Secure Distributed
    State Management for Stateful Signatures with a Practical and Universally Composable
    Protocol.” .
  mla: Blömer, Johannes, et al. <i>Secure Distributed State Management for Stateful
    Signatures with a Practical and Universally Composable Protocol</i>.
  short: J. Blömer, H. Bröcher, V. Krummel, L.A. Porzenheim, (n.d.).
date_created: 2025-12-22T21:23:22Z
date_updated: 2025-12-23T11:30:38Z
department:
- _id: '34'
- _id: '64'
keyword:
- distributed state
- hash-based signature
- stateful hash-based signature
- universal composability
- secure enclave
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://eprint.iacr.org/2025/2278.pdf
oa: '1'
page: '22'
project:
- _id: '191'
  name: 'PhoQuant: Photonische Quantencomputer -  Quantencomputing Testplattform'
publication_status: submitted
status: public
title: Secure Distributed State Management for Stateful Signatures with a Practical
  and Universally Composable Protocol
type: preprint
user_id: '41047'
year: '2025'
...
---
_id: '35014'
author:
- first_name: Johannes
  full_name: Blömer, Johannes
  id: '23'
  last_name: Blömer
- first_name: Jan
  full_name: Bobolz, Jan
  id: '27207'
  last_name: Bobolz
- first_name: Henrik
  full_name: Bröcher, Henrik
  id: '41047'
  last_name: Bröcher
citation:
  ama: 'Blömer J, Bobolz J, Bröcher H. On the impossibility of surviving (iterated)
    deletion of weakly dominated strategies in rational MPC. In: ; 2023.'
  apa: Blömer, J., Bobolz, J., &#38; Bröcher, H. (2023). <i>On the impossibility of
    surviving (iterated) deletion of weakly dominated strategies in rational MPC</i>.
    TCC 2023, Taipeh, Taiwan.
  bibtex: '@inproceedings{Blömer_Bobolz_Bröcher_2023, title={On the impossibility
    of surviving (iterated) deletion of weakly dominated strategies in rational MPC},
    author={Blömer, Johannes and Bobolz, Jan and Bröcher, Henrik}, year={2023} }'
  chicago: Blömer, Johannes, Jan Bobolz, and Henrik Bröcher. “On the Impossibility
    of Surviving (Iterated) Deletion of Weakly Dominated Strategies in Rational MPC,”
    2023.
  ieee: J. Blömer, J. Bobolz, and H. Bröcher, “On the impossibility of surviving (iterated)
    deletion of weakly dominated strategies in rational MPC,” presented at the TCC
    2023, Taipeh, Taiwan, 2023.
  mla: Blömer, Johannes, et al. <i>On the Impossibility of Surviving (Iterated) Deletion
    of Weakly Dominated Strategies in Rational MPC</i>. 2023.
  short: 'J. Blömer, J. Bobolz, H. Bröcher, in: 2023.'
conference:
  end_date: 2023-12-02
  location: Taipeh, Taiwan
  name: TCC 2023
  start_date: 2023-11-29
date_created: 2022-12-28T16:02:11Z
date_updated: 2023-09-07T10:01:00Z
department:
- _id: '34'
- _id: '64'
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://eprint.iacr.org/2022/1762
oa: '1'
project:
- _id: '1'
  grant_number: '160364472'
  name: 'SFB 901: SFB 901'
- _id: '4'
  name: 'SFB 901 - C: SFB 901 - Project Area C'
- _id: '13'
  name: 'SFB 901 - C1: SFB 901 - Subproject C1'
status: public
title: On the impossibility of surviving (iterated) deletion of weakly dominated strategies
  in rational MPC
type: conference
user_id: '41047'
year: '2023'
...
---
_id: '13128'
author:
- first_name: Henrik
  full_name: Bröcher, Henrik
  id: '41047'
  last_name: Bröcher
citation:
  ama: Bröcher H. <i>Rational Secure Multiparty Computation</i>. Universität Paderborn;
    2019.
  apa: Bröcher, H. (2019). <i>Rational Secure Multiparty Computation</i>. Universität
    Paderborn.
  bibtex: '@book{Bröcher_2019, title={Rational Secure Multiparty Computation}, publisher={Universität
    Paderborn}, author={Bröcher, Henrik}, year={2019} }'
  chicago: Bröcher, Henrik. <i>Rational Secure Multiparty Computation</i>. Universität
    Paderborn, 2019.
  ieee: H. Bröcher, <i>Rational Secure Multiparty Computation</i>. Universität Paderborn,
    2019.
  mla: Bröcher, Henrik. <i>Rational Secure Multiparty Computation</i>. Universität
    Paderborn, 2019.
  short: H. Bröcher, Rational Secure Multiparty Computation, Universität Paderborn,
    2019.
date_created: 2019-09-04T08:04:12Z
date_updated: 2022-01-06T06:51:28Z
ddc:
- '000'
department:
- _id: '64'
extern: '1'
file:
- access_level: open_access
  content_type: application/pdf
  creator: bhenrik
  date_created: 2019-09-04T07:59:31Z
  date_updated: 2020-10-30T15:59:34Z
  file_id: '13129'
  file_name: thesis_broecher.pdf
  file_size: 746819
  relation: main_file
file_date_updated: 2020-10-30T15:59:34Z
has_accepted_license: '1'
language:
- iso: eng
oa: '1'
project:
- _id: '13'
  name: SFB 901 - Subproject C1
- _id: '1'
  name: SFB 901
- _id: '4'
  name: SFB 901 - Project Area C
publisher: Universität Paderborn
status: public
supervisor:
- first_name: Johannes
  full_name: Blömer, Johannes
  id: '23'
  last_name: Blömer
title: Rational Secure Multiparty Computation
type: mastersthesis
user_id: '25078'
year: '2019'
...
---
_id: '3265'
abstract:
- lang: eng
  text: "We present CLARC (Cryptographic Library for Anonymous Reputation and Credentials),
    an anonymous credentials system (ACS) combined with an anonymous reputation system.\r\n\r\nUsing
    CLARC, users can receive attribute-based credentials from issuers. They can efficiently
    prove that their credentials satisfy complex (access) policies in a privacy-preserving
    way. This implements anonymous access control with complex policies.\r\n\r\nFurthermore,
    CLARC is the first ACS that is combined with an anonymous reputation system where
    users can anonymously rate services. A user who gets access to a service via a
    credential, also anonymously receives a review token to rate the service. If a
    user creates more than a single rating, this can be detected by anyone, preventing
    users from spamming ratings to sway public opinion.\r\n\r\nTo evaluate feasibility
    of our construction, we present an open-source prototype implementation."
author:
- first_name: Kai
  full_name: Bemmann, Kai
  last_name: Bemmann
- first_name: Johannes
  full_name: Blömer, Johannes
  id: '23'
  last_name: Blömer
- first_name: Jan
  full_name: Bobolz, Jan
  id: '27207'
  last_name: Bobolz
- first_name: Henrik
  full_name: Bröcher, Henrik
  id: '41047'
  last_name: Bröcher
- first_name: Denis Pascal
  full_name: Diemert, Denis Pascal
  id: '44071'
  last_name: Diemert
- first_name: Fabian
  full_name: Eidens, Fabian
  id: '25078'
  last_name: Eidens
- first_name: Lukas
  full_name: Eilers, Lukas
  last_name: Eilers
- first_name: Jan Frederik
  full_name: Haltermann, Jan Frederik
  id: '44413'
  last_name: Haltermann
- first_name: Jakob
  full_name: Juhnke, Jakob
  id: '48090'
  last_name: Juhnke
- first_name: Burhan
  full_name: Otour, Burhan
  last_name: Otour
- first_name: Laurens Alexander
  full_name: Porzenheim, Laurens Alexander
  id: '47434'
  last_name: Porzenheim
- first_name: Simon
  full_name: Pukrop, Simon
  last_name: Pukrop
- first_name: Erik
  full_name: Schilling, Erik
  last_name: Schilling
- first_name: Michael
  full_name: Schlichtig, Michael
  id: '32312'
  last_name: Schlichtig
- first_name: Marcel
  full_name: Stienemeier, Marcel
  last_name: Stienemeier
citation:
  ama: 'Bemmann K, Blömer J, Bobolz J, et al. Fully-Featured Anonymous Credentials
    with Reputation System. In: <i>Proceedings of the 13th International Conference
    on Availability, Reliability and Security - ARES ’18</i>. New York, NY, USA: ACM.
    doi:<a href="https://doi.org/10.1145/3230833.3234517">10.1145/3230833.3234517</a>'
  apa: 'Bemmann, K., Blömer, J., Bobolz, J., Bröcher, H., Diemert, D. P., Eidens,
    F., … Stienemeier, M. (n.d.). Fully-Featured Anonymous Credentials with Reputation
    System. In <i>Proceedings of the 13th International Conference on Availability,
    Reliability and Security - ARES ’18</i>. New York, NY, USA: ACM. <a href="https://doi.org/10.1145/3230833.3234517">https://doi.org/10.1145/3230833.3234517</a>'
  bibtex: '@inproceedings{Bemmann_Blömer_Bobolz_Bröcher_Diemert_Eidens_Eilers_Haltermann_Juhnke_Otour_et
    al., place={New York, NY, USA}, title={Fully-Featured Anonymous Credentials with
    Reputation System}, DOI={<a href="https://doi.org/10.1145/3230833.3234517">10.1145/3230833.3234517</a>},
    booktitle={Proceedings of the 13th International Conference on Availability, Reliability
    and Security - ARES ’18}, publisher={ACM}, author={Bemmann, Kai and Blömer, Johannes
    and Bobolz, Jan and Bröcher, Henrik and Diemert, Denis Pascal and Eidens, Fabian
    and Eilers, Lukas and Haltermann, Jan Frederik and Juhnke, Jakob and Otour, Burhan
    and et al.} }'
  chicago: 'Bemmann, Kai, Johannes Blömer, Jan Bobolz, Henrik Bröcher, Denis Pascal
    Diemert, Fabian Eidens, Lukas Eilers, et al. “Fully-Featured Anonymous Credentials
    with Reputation System.” In <i>Proceedings of the 13th International Conference
    on Availability, Reliability and Security - ARES ’18</i>. New York, NY, USA: ACM,
    n.d. <a href="https://doi.org/10.1145/3230833.3234517">https://doi.org/10.1145/3230833.3234517</a>.'
  ieee: K. Bemmann <i>et al.</i>, “Fully-Featured Anonymous Credentials with Reputation
    System,” in <i>Proceedings of the 13th International Conference on Availability,
    Reliability and Security - ARES ’18</i>, Hamburg, Germany.
  mla: Bemmann, Kai, et al. “Fully-Featured Anonymous Credentials with Reputation
    System.” <i>Proceedings of the 13th International Conference on Availability,
    Reliability and Security - ARES ’18</i>, ACM, doi:<a href="https://doi.org/10.1145/3230833.3234517">10.1145/3230833.3234517</a>.
  short: 'K. Bemmann, J. Blömer, J. Bobolz, H. Bröcher, D.P. Diemert, F. Eidens, L.
    Eilers, J.F. Haltermann, J. Juhnke, B. Otour, L.A. Porzenheim, S. Pukrop, E. Schilling,
    M. Schlichtig, M. Stienemeier, in: Proceedings of the 13th International Conference
    on Availability, Reliability and Security - ARES ’18, ACM, New York, NY, USA,
    n.d.'
conference:
  end_date: 2018-08-30
  location: Hamburg, Germany
  name: ARES 2018 - SECPID
  start_date: 2018-08-27
date_created: 2018-06-14T11:19:29Z
date_updated: 2022-01-06T06:59:07Z
ddc:
- '000'
department:
- _id: '64'
doi: 10.1145/3230833.3234517
file:
- access_level: closed
  content_type: application/pdf
  creator: feidens
  date_created: 2018-11-08T10:17:39Z
  date_updated: 2018-11-08T10:17:39Z
  file_id: '5428'
  file_name: react_acs.pdf
  file_size: 920843
  relation: main_file
file_date_updated: 2018-11-08T10:17:39Z
has_accepted_license: '1'
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://eprint.iacr.org/2018/835
oa: '1'
place: New York, NY, USA
project:
- _id: '1'
  name: SFB 901
- _id: '4'
  name: SFB 901 - Project Area C
- _id: '13'
  name: SFB 901 - Subproject C1
- _id: '44'
  name: KogniHome - die mitdenkende Wohnung
publication: Proceedings of the 13th International Conference on Availability, Reliability
  and Security - ARES '18
publication_identifier:
  isbn:
  - 978-1-4503-6448-5
publication_status: accepted
publisher: ACM
quality_controlled: '1'
related_material:
  link:
  - relation: software
    url: https://github.com/upbcuk
status: public
title: Fully-Featured Anonymous Credentials with Reputation System
type: conference
user_id: '25078'
year: '2018'
...
