[{"date_updated":"2025-12-23T11:30:38Z","oa":"1","author":[{"last_name":"Blömer","full_name":"Blömer, Johannes","id":"23","first_name":"Johannes"},{"full_name":"Bröcher, Henrik","id":"41047","last_name":"Bröcher","orcid":"0009-0008-3938-5485","first_name":"Henrik"},{"last_name":"Krummel","full_name":"Krummel, Volker","first_name":"Volker"},{"last_name":"Porzenheim","full_name":"Porzenheim, Laurens Alexander","id":"47434","first_name":"Laurens Alexander"}],"date_created":"2025-12-22T21:23:22Z","title":"Secure Distributed State Management for Stateful Signatures with a Practical and Universally Composable Protocol","main_file_link":[{"url":"https://eprint.iacr.org/2025/2278.pdf","open_access":"1"}],"publication_status":"submitted","year":"2025","page":"22","citation":{"apa":"Blömer, J., Bröcher, H., Krummel, V., &#38; Porzenheim, L. A. (n.d.). <i>Secure Distributed State Management for Stateful Signatures with a Practical and Universally Composable Protocol</i>.","mla":"Blömer, Johannes, et al. <i>Secure Distributed State Management for Stateful Signatures with a Practical and Universally Composable Protocol</i>.","short":"J. Blömer, H. Bröcher, V. Krummel, L.A. Porzenheim, (n.d.).","bibtex":"@article{Blömer_Bröcher_Krummel_Porzenheim, title={Secure Distributed State Management for Stateful Signatures with a Practical and Universally Composable Protocol}, author={Blömer, Johannes and Bröcher, Henrik and Krummel, Volker and Porzenheim, Laurens Alexander} }","ama":"Blömer J, Bröcher H, Krummel V, Porzenheim LA. Secure Distributed State Management for Stateful Signatures with a Practical and Universally Composable Protocol.","ieee":"J. Blömer, H. Bröcher, V. Krummel, and L. A. Porzenheim, “Secure Distributed State Management for Stateful Signatures with a Practical and Universally Composable Protocol.” .","chicago":"Blömer, Johannes, Henrik Bröcher, Volker Krummel, and Laurens Alexander Porzenheim. 
“Secure Distributed State Management for Stateful Signatures with a Practical and Universally Composable Protocol,” n.d."},"_id":"63403","project":[{"name":"PhoQuant: Photonische Quantencomputer -  Quantencomputing Testplattform","_id":"191"}],"department":[{"_id":"34"},{"_id":"64"}],"user_id":"41047","keyword":["distributed state","hash-based signature","stateful hash-based signature","universal composability","secure enclave"],"language":[{"iso":"eng"}],"type":"preprint","abstract":[{"text":"Stateful signatures like the NIST standardized signature schemes LMS and XMSS provide an efficient and mature realization of post-quantum secure signature schemes. They are recommended for long-term use cases like e.g. firmware signing. However, stateful signature schemes require to properly manage a so-called state. In stateful signature schemes like LMS and XMSS, signing keys consist of a set of keys of a one-time signature scheme and it has to be guaranteed that each one-time key is used only once. This is done by updating a state in each signature computation, basically recording which one-time keys have already been used. While this is straightforward in centralized systems, in distributed systems like secure enclaves consisting of e.g. multiple hardware security modules (HSMs) with limited communication keeping a distributed state that at any point in time is consistent among all parties involved presents a challenge. This challenge is not addressed by the current standardization processes. \r\nIn this paper we present a security model for the distributed key management of post-quantum secure stateful signatures like XMSS and LMS. We also present a simple, efficient, and easy to implement protocol proven secure in this security model, i.e. the protocol guarantees at any point in time a consistent state among the parties in a distributed system, like a distributed security enclave. 
The security model is defined in the universal composability (UC) framework by Ran Canetti by providing an ideal functionality for the distributed key management for stateful signatures. Hence our protocol remains secure even if arbitrarily composed with other instances of the same or other protocols, a necessity for the security of distributed key management protocols. Our main applications are security enclaves consisting of HSMs, but the model and the protocol can easily be adapted to other scenarios of distributed key management of stateful signature schemes.","lang":"eng"}],"status":"public"},{"citation":{"ieee":"J. Blömer, J. Bobolz, and L. A. Porzenheim, “A Generic Construction of an Anonymous Reputation System and Instantiations from Lattices,” presented at the Asiacrypt 2023, Guangzhou, China, 2023.","chicago":"Blömer, Johannes, Jan Bobolz, and Laurens Alexander Porzenheim. “A Generic Construction of an Anonymous Reputation System and Instantiations from Lattices,” 2023.","ama":"Blömer J, Bobolz J, Porzenheim LA. A Generic Construction of an Anonymous Reputation System and Instantiations from Lattices. In: ; 2023.","short":"J. Blömer, J. Bobolz, L.A. Porzenheim, in: 2023.","bibtex":"@inproceedings{Blömer_Bobolz_Porzenheim_2023, title={A Generic Construction of an Anonymous Reputation System and Instantiations from Lattices}, author={Blömer, Johannes and Bobolz, Jan and Porzenheim, Laurens Alexander}, year={2023} }","mla":"Blömer, Johannes, et al. <i>A Generic Construction of an Anonymous Reputation System and Instantiations from Lattices</i>. 2023.","apa":"Blömer, J., Bobolz, J., &#38; Porzenheim, L. A. (2023). <i>A Generic Construction of an Anonymous Reputation System and Instantiations from Lattices</i>. 
Asiacrypt 2023, Guangzhou, China."},"year":"2023","date_created":"2023-04-12T08:18:41Z","author":[{"last_name":"Blömer","id":"23","full_name":"Blömer, Johannes","first_name":"Johannes"},{"full_name":"Bobolz, Jan","id":"27207","last_name":"Bobolz","first_name":"Jan"},{"last_name":"Porzenheim","full_name":"Porzenheim, Laurens Alexander","id":"47434","first_name":"Laurens Alexander"}],"date_updated":"2023-09-07T09:53:26Z","oa":"1","main_file_link":[{"url":"https://eprint.iacr.org/2023/464","open_access":"1"}],"conference":{"start_date":"2023-12-04","name":"Asiacrypt 2023","location":"Guangzhou, China","end_date":"2023-12-08"},"title":"A Generic Construction of an Anonymous Reputation System and Instantiations from Lattices","type":"conference","status":"public","user_id":"47434","department":[{"_id":"64"}],"project":[{"_id":"1","name":"SFB 901: SFB 901","grant_number":"160364472"},{"_id":"13","name":"SFB 901 - C1: SFB 901 - Subproject C1"},{"_id":"4","name":"SFB 901 - C: SFB 901 - Project Area C"}],"_id":"43458","language":[{"iso":"eng"}]},{"title":"Post-Quantum Secure Group Signatures","oa":"1","date_updated":"2022-01-06T06:50:36Z","author":[{"last_name":"Porzenheim","full_name":"Porzenheim, Laurens Alexander","id":"47434","first_name":"Laurens Alexander"}],"date_created":"2019-06-26T09:12:47Z","supervisor":[{"first_name":"Johannes","id":"23","full_name":"Blömer, Johannes","last_name":"Blömer"}],"year":"2019","citation":{"apa":"Porzenheim, L. A. (2019). <i>Post-Quantum Secure Group Signatures</i>.","short":"L.A. Porzenheim, Post-Quantum Secure Group Signatures, 2019.","bibtex":"@book{Porzenheim_2019, title={Post-Quantum Secure Group Signatures}, author={Porzenheim, Laurens Alexander}, year={2019} }","mla":"Porzenheim, Laurens Alexander. <i>Post-Quantum Secure Group Signatures</i>. 2019.","chicago":"Porzenheim, Laurens Alexander. <i>Post-Quantum Secure Group Signatures</i>, 2019.","ieee":"L. A. Porzenheim, <i>Post-Quantum Secure Group Signatures</i>. 
2019.","ama":"Porzenheim LA. <i>Post-Quantum Secure Group Signatures</i>.; 2019."},"has_accepted_license":"1","ddc":["000"],"file_date_updated":"2019-06-26T09:19:15Z","language":[{"iso":"eng"}],"_id":"10306","department":[{"_id":"64"}],"user_id":"47434","status":"public","file":[{"content_type":"application/pdf","relation":"main_file","date_updated":"2019-06-26T09:19:15Z","creator":"laurensp","date_created":"2019-06-26T09:08:23Z","file_size":899233,"file_id":"10307","file_name":"thesis_final.pdf","access_level":"open_access"}],"type":"mastersthesis"},{"place":"New York, NY, USA","citation":{"mla":"Bemmann, Kai, et al. “Fully-Featured Anonymous Credentials with Reputation System.” <i>Proceedings of the 13th International Conference on Availability, Reliability and Security - ARES ’18</i>, ACM, doi:<a href=\"https://doi.org/10.1145/3230833.3234517\">10.1145/3230833.3234517</a>.","short":"K. Bemmann, J. Blömer, J. Bobolz, H. Bröcher, D.P. Diemert, F. Eidens, L. Eilers, J.F. Haltermann, J. Juhnke, B. Otour, L.A. Porzenheim, S. Pukrop, E. Schilling, M. Schlichtig, M. Stienemeier, in: Proceedings of the 13th International Conference on Availability, Reliability and Security - ARES ’18, ACM, New York, NY, USA, n.d.","bibtex":"@inproceedings{Bemmann_Blömer_Bobolz_Bröcher_Diemert_Eidens_Eilers_Haltermann_Juhnke_Otour_et al., place={New York, NY, USA}, title={Fully-Featured Anonymous Credentials with Reputation System}, DOI={<a href=\"https://doi.org/10.1145/3230833.3234517\">10.1145/3230833.3234517</a>}, booktitle={Proceedings of the 13th International Conference on Availability, Reliability and Security - ARES ’18}, publisher={ACM}, author={Bemmann, Kai and Blömer, Johannes and Bobolz, Jan and Bröcher, Henrik and Diemert, Denis Pascal and Eidens, Fabian and Eilers, Lukas and Haltermann, Jan Frederik and Juhnke, Jakob and Otour, Burhan and et al.} }","apa":"Bemmann, K., Blömer, J., Bobolz, J., Bröcher, H., Diemert, D. P., Eidens, F., … Stienemeier, M. (n.d.). 
Fully-Featured Anonymous Credentials with Reputation System. In <i>Proceedings of the 13th International Conference on Availability, Reliability and Security - ARES ’18</i>. New York, NY, USA: ACM. <a href=\"https://doi.org/10.1145/3230833.3234517\">https://doi.org/10.1145/3230833.3234517</a>","ama":"Bemmann K, Blömer J, Bobolz J, et al. Fully-Featured Anonymous Credentials with Reputation System. In: <i>Proceedings of the 13th International Conference on Availability, Reliability and Security - ARES ’18</i>. New York, NY, USA: ACM. doi:<a href=\"https://doi.org/10.1145/3230833.3234517\">10.1145/3230833.3234517</a>","ieee":"K. Bemmann <i>et al.</i>, “Fully-Featured Anonymous Credentials with Reputation System,” in <i>Proceedings of the 13th International Conference on Availability, Reliability and Security - ARES ’18</i>, Hamburg, Germany.","chicago":"Bemmann, Kai, Johannes Blömer, Jan Bobolz, Henrik Bröcher, Denis Pascal Diemert, Fabian Eidens, Lukas Eilers, et al. “Fully-Featured Anonymous Credentials with Reputation System.” In <i>Proceedings of the 13th International Conference on Availability, Reliability and Security - ARES ’18</i>. New York, NY, USA: ACM, n.d. 
<a href=\"https://doi.org/10.1145/3230833.3234517\">https://doi.org/10.1145/3230833.3234517</a>."},"publication_status":"accepted","has_accepted_license":"1","publication_identifier":{"isbn":["978-1-4503-6448-5"]},"related_material":{"link":[{"relation":"software","url":"https://github.com/upbcuk"}]},"main_file_link":[{"open_access":"1","url":"https://eprint.iacr.org/2018/835"}],"conference":{"end_date":"2018-08-30","location":"Hamburg, Germany","name":"ARES 2018 - SECPID","start_date":"2018-08-27"},"doi":"10.1145/3230833.3234517","oa":"1","date_updated":"2022-01-06T06:59:07Z","author":[{"last_name":"Bemmann","full_name":"Bemmann, Kai","first_name":"Kai"},{"first_name":"Johannes","last_name":"Blömer","full_name":"Blömer, Johannes","id":"23"},{"full_name":"Bobolz, Jan","id":"27207","last_name":"Bobolz","first_name":"Jan"},{"full_name":"Bröcher, Henrik","id":"41047","last_name":"Bröcher","first_name":"Henrik"},{"full_name":"Diemert, Denis Pascal","id":"44071","last_name":"Diemert","first_name":"Denis Pascal"},{"first_name":"Fabian","last_name":"Eidens","id":"25078","full_name":"Eidens, Fabian"},{"first_name":"Lukas","full_name":"Eilers, Lukas","last_name":"Eilers"},{"id":"44413","full_name":"Haltermann, Jan Frederik","last_name":"Haltermann","first_name":"Jan Frederik"},{"first_name":"Jakob","last_name":"Juhnke","id":"48090","full_name":"Juhnke, Jakob"},{"first_name":"Burhan","full_name":"Otour, Burhan","last_name":"Otour"},{"first_name":"Laurens Alexander","full_name":"Porzenheim, Laurens Alexander","id":"47434","last_name":"Porzenheim"},{"last_name":"Pukrop","full_name":"Pukrop, Simon","first_name":"Simon"},{"last_name":"Schilling","full_name":"Schilling, Erik","first_name":"Erik"},{"id":"32312","full_name":"Schlichtig, Michael","last_name":"Schlichtig","first_name":"Michael"},{"first_name":"Marcel","last_name":"Stienemeier","full_name":"Stienemeier, Marcel"}],"status":"public","type":"conference","file_date_updated":"2018-11-08T10:17:39Z","project":[{"name":"SFB 
901","_id":"1"},{"_id":"4","name":"SFB 901 - Project Area C"},{"name":"SFB 901 - Subproject C1","_id":"13"},{"name":"KogniHome - die mitdenkende Wohnung","_id":"44"}],"_id":"3265","user_id":"25078","department":[{"_id":"64"}],"year":"2018","quality_controlled":"1","title":"Fully-Featured Anonymous Credentials with Reputation System","publisher":"ACM","date_created":"2018-06-14T11:19:29Z","abstract":[{"text":"We present CLARC (Cryptographic Library for Anonymous Reputation and Credentials), an anonymous credentials system (ACS) combined with an anonymous reputation system.\r\n\r\nUsing CLARC, users can receive attribute-based credentials from issuers. They can efficiently prove that their credentials satisfy complex (access) policies in a privacy-preserving way. This implements anonymous access control with complex policies.\r\n\r\nFurthermore, CLARC is the first ACS that is combined with an anonymous reputation system where users can anonymously rate services. A user who gets access to a service via a credential, also anonymously receives a review token to rate the service. If a user creates more than a single rating, this can be detected by anyone, preventing users from spamming ratings to sway public opinion.\r\n\r\nTo evaluate feasibility of our construction, we present an open-source prototype implementation.","lang":"eng"}],"file":[{"file_id":"5428","access_level":"closed","file_name":"react_acs.pdf","file_size":920843,"creator":"feidens","date_created":"2018-11-08T10:17:39Z","date_updated":"2018-11-08T10:17:39Z","relation":"main_file","content_type":"application/pdf"}],"publication":"Proceedings of the 13th International Conference on Availability, Reliability and Security - ARES '18","ddc":["000"],"language":[{"iso":"eng"}]}]
