Usability of stateful hash-based signature schemes

Abstract

Quantum computers pose a danger to asymmetric cryptographic schemes. As development continues, schemes such as RSA will likely be broken in a few years' time. For this reason, algorithms that would also withstand powerful quantum computers are already being considered today. One class of such algorithms is hash-based signature schemes, some of which, including XMSS, are stateful: the secret key changes after every signature and must never be reused in an earlier state. This creates additional challenges for developers who want to use and integrate such schemes in IT systems without error, yet the security of those systems depends on the correct use of cryptographic algorithms. This thesis therefore proposes a usable API design for stateful signature schemes, using XMSS/XMSSMT as an example. The design was developed through a series of interviews with software developers, implemented as a prototype and evaluated in further user studies. The studies showed that the API can manage the stateful key in a way that is transparent to the user. However, this transparency led to many of the study's participants not being aware that they were using a stateful scheme. Regarding the documentation and applicability of the API, good results were achieved.
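To make concrete what "stateful" means for the developer, the following is an added toy illustration written for this page; it is neither the thesis's API nor an XMSS implementation. It builds a tiny hash-based scheme (Lamport one-time keys at the leaves of a 2-level Merkle tree, SHA-256 throughout) and shows the state-handling rule that a usable API has to enforce on the caller's behalf: the leaf index is persisted to disk before a signature is released, so the same one-time key can never sign twice, and signing fails cleanly once all leaves are used. The file format, the `reserve-then-sign` ordering and all constants are choices made for this example.

```python
"""Toy stateful hash-based signature: Lamport OTS leaves under a Merkle tree.

Constructed illustration only (not XMSS, not the thesis's API). The point it
shows is the stateful-key discipline: the next leaf index is written to disk
*before* a signature is produced, so an index is consumed at most once.
"""
import hashlib
import hmac
import json
import os
import tempfile

HEIGHT = 2                 # toy size: 2**HEIGHT = 4 one-time keys
LEAVES = 1 << HEIGHT
N = 256                    # one Lamport secret pair per SHA-256 digest bit


def H(*parts):
    return hashlib.sha256(b"".join(parts)).digest()


def prf(seed, leaf, i, side):
    """Derive one secret value from the seed (HMAC-SHA256 keyed by the seed)."""
    return hmac.new(seed, bytes([leaf, i >> 8, i & 0xFF, side]), hashlib.sha256).digest()


def ots_leaf(seed, leaf):
    """Public commitment of the Lamport key at `leaf`: hash of all 512 hashed secrets."""
    return H(*[H(prf(seed, leaf, i, s)) for i in range(N) for s in (0, 1)])


def merkle_root(leaves):
    level = list(leaves)
    while len(level) > 1:
        level = [H(level[k], level[k + 1]) for k in range(0, len(level), 2)]
    return level[0]


def auth_path(leaves, index):
    """Sibling hashes from leaf `index` up to the root."""
    path, level, idx = [], list(leaves), index
    while len(level) > 1:
        path.append(level[idx ^ 1])
        level = [H(level[k], level[k + 1]) for k in range(0, len(level), 2)]
        idx >>= 1
    return path


def root_from_path(leaf_hash, index, path):
    node = leaf_hash
    for sibling in path:
        node = H(node, sibling) if index & 1 == 0 else H(sibling, node)
        index >>= 1
    return node


def _write_state(path, state):
    # Write to a temp file, fsync, then atomically replace: the on-disk index
    # is never left half-written and never moves backwards.
    tmp = path + ".tmp"
    with open(tmp, "w") as f:
        json.dump(state, f)
        f.flush()
        os.fsync(f.fileno())
    os.replace(tmp, path)


def keygen(state_file):
    """Create a key pair; the secret state lives in `state_file`, the root is public."""
    seed = os.urandom(32)
    _write_state(state_file, {"seed": seed.hex(), "next_index": 0})
    return merkle_root([ots_leaf(seed, j) for j in range(LEAVES)])


def sign(state_file, message):
    with open(state_file) as f:
        state = json.load(f)
    index = state["next_index"]
    if index >= LEAVES:
        raise RuntimeError("all one-time keys used; generate a new key pair")
    # Reserve the index on disk BEFORE computing the signature: a crash here
    # wastes one leaf, but two signatures under the same leaf are impossible.
    _write_state(state_file, {**state, "next_index": index + 1})
    seed = bytes.fromhex(state["seed"])
    digest = H(message)
    sig = []
    for i in range(N):
        bit = (digest[i // 8] >> (7 - i % 8)) & 1
        # reveal the secret for this bit, and only the hash of its sibling
        sig.append((prf(seed, index, i, bit), H(prf(seed, index, i, 1 - bit))))
    leaves = [ots_leaf(seed, j) for j in range(LEAVES)]
    return index, sig, auth_path(leaves, index)


def verify(root, message, index, sig, path):
    digest = H(message)
    hashed = []
    for i, (revealed, hidden_hash) in enumerate(sig):
        bit = (digest[i // 8] >> (7 - i % 8)) & 1
        pair = [None, None]
        pair[bit] = H(revealed)
        pair[1 - bit] = hidden_hash
        hashed.extend(pair)
    return root_from_path(H(*hashed), index, path) == root


def demo(state_file=None):
    """Full life cycle; returns (all signatures verified, exhaustion detected, persisted index)."""
    state_file = state_file or os.path.join(tempfile.mkdtemp(), "toy_state.json")
    root = keygen(state_file)
    ok = []
    for m in range(LEAVES):
        msg = b"message %d" % m
        idx, sig, path = sign(state_file, msg)
        ok.append(idx == m and verify(root, msg, idx, sig, path)
                  and not verify(root, b"tampered", idx, sig, path))
    try:
        sign(state_file, b"one too many")
        exhausted = False
    except RuntimeError:
        exhausted = True
    with open(state_file) as f:
        persisted = json.load(f)["next_index"]
    return all(ok), exhausted, persisted


if __name__ == "__main__":
    print(demo())
```

The design point is the order of operations in `sign`: the state update is committed before any signature bytes exist, which is what lets an API hide the state from its caller while still ruling out index reuse on the same machine. What it cannot rule out is a restored backup or a second copy of the state file, which is exactly the class of mistake the abstract's API design and documentation have to make visible to developers.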