4428                                                      软件学报  2025  年第  36  卷第  10  期


                     module-lattice-based  KEM.  In:  Proc.  of  the  2018  IEEE  European  Symp.  on  Security  and  Privacy  (EuroS&P).  London:  IEEE,  2018.
                     353–367. [doi: 10.1109/EuroSP.2018.00032]
                  [8]   Ducas  L,  Kiltz  E,  Lepoint  T,  Lyubashevsky  V,  Schwabe  P,  Seiler  G,  Stehlé  D.  Crystals-Dilithium:  A  lattice-based  digital  signature
                     scheme. IACR Trans. on Cryptographic Hardware and Embedded Systems, 2018, 2018(1): 238–268. [doi: 10.13154/tches.v2018.i1.238-
                     268]
                  [9]   Soni D, Basu K, Nabeel M, Aaraj N, Manzano M, Karri R. Hardware Architectures for Post-quantum Digital Signature Schemes. Cham:
                     Springer, 2021. 31–41. [doi: 10.1007/978-3-030-57682-0]
                                                                             +
                 [10]   Bernstein DJ, Hülsing A, Kölbl S, Niederhagen R, Rijneveld J, Schwabe P. The SPHINCS  signature framework. In: Proc. of the 2019
                     ACM SIGSAC Conf. on Computer and Communications Security (CCS19). London: ACM, 2019. 2129–2146. [doi: 10.1145/3319535.
                     3363229]
                 [11]   Yang YT, Zhao RY, Chang X, Guo C, Xiao S. PQVPN: Design of software VPN against quantum computing attack. Journal of Cyber
                     Security, 2022, 7(5): 108–119 (in Chinese with English abstract). [doi: 10.19363/J.cnki.cn10-1380/tn.2022.09.09]
                 [12]   National  Institute  of  Standards  and  Technology.  Recommendation  for  Stateful  Hash-based  Signature  Schemes:  NIST  SP  800-208.
                     Gaithersburg: U.S. Department of Commerce, 2020.
                 [13]   Yang YT, Chang X, Shi HP, Wang W, Wang K. CDBS: Blind signature scheme based on CRYSTALS-Dilithium algorithm. Journal on
                     Communications, 2024, 45(7): 184–195 (in Chinese with English abstract). [doi: 10.11959/j.issn.1000-436x.2024129]
                 [14]   Hülsing A, Butin D, Gazdag S, Rijneveld J, Mohaisen A. XMSS: eXtended Merkle signature scheme. RFC 8391, 2018.
                 [15]   Zhang KY, Cui HR, Yu Y. SPHINCS-α: A compact stateless hash-based signature scheme. Cryptology ePrint Archive, 2023/850, 2022.
                 [16]   Kudinov M, Hülsing A, Ronen E, Yogev E. SPHINCS+C: Compressing SPHINCS+ with (almost) no cost. Cryptology ePrint Archive,
                     2022/778, 2022.
                 [17]   Suhail S, Hussain R, Khan A, Hong CS. On the role of hash-based signatures in quantum-safe Internet of Things: Current solutions and
                     future directions. IEEE Internet of Things Journal, 2021, 8(1): 1–17. [doi: 10.1109/JIOT.2020.3013019]
                 [18]   Kumar A, Ottaviani C, Gill SS, Buyya R. Securing the future Internet of Things with post-quantum cryptography. Security and Privacy,
                     2022, 5(2): e200. [doi: 10.1002/spy2.200]
                 [19]   Lamport L. Constructing digital signatures from a one way function. Technical Report, CSL-98, SRI Int’l Computer Science Laboratory,
                     1979.
                 [20]   Merkle RC. Secrecy, authentication, and public key systems [Ph.D. Thesis]. Stanford: Stanford University, 1979.
                 [21]   Merkle RC. A certified digital signature. In: Proc. of the 1989 Conf. on the Theory and Application of Cryptology. New York: Springer,
                     1989. 218–238. [doi: 10.1007/0-387-34805-0_21]
                                                                        +
                 [22]   Sun SW, Liu TY, Guan Z, He YF, Hu L, Jing JW, Zhang LT, Yan HL. SPHINCS -SM3: SM3-based stateless digital signature scheme.
                     Journal of Cryptologic Research, 2023, 10(6): 1266–1278 (in Chinese with English abstract). [doi: 10.13868/j.cnki.jcr.000658]
                 [23]   Sun SW, Liu TY, Guan Z, He YF, Jing JW, Hu L, Zhang ZF, Yan HL. SM3-based post-quantum digital signature schemes. Journal of
                     Cryptologic Research, 2023, 10(1): 46–60 (in Chinese with English abstract). [doi: 10.13868/j.cnki.jcr.000578]
                 [24]   Li LY, Lu XH, Wang KP. Hash-based signature revisited. Cybersecurity, 2022, 5(1): 13. [doi: 10.1186/s42400-022-00117-w]
                 [25]   Wang JD, Zhang T, Song JK, Sebe N, Shen HT. A survey on learning to hash. IEEE Trans. on Pattern Analysis and Machine Intelligence,
                     2018, 40(4): 769–790. [doi: 10.1109/TPAMI.2017.2699960]

                 附中文参考文献:
                  [3]   崔富鑫, 王辈, 刘焱, 李叶. 公钥密码的量子攻击研究现状与展望. 网络安全与数据治理, 2022, 41(9): 3–12. [doi: 10.19358/j.issn.2097-
                     1788.2022.03.001]
                 [11]   杨亚涛, 赵若岩, 常鑫, 郭超, 肖嵩. PQVPN: 抗量子计算攻击的软件  VPN  设计. 信息安全学报, 2022, 7(5): 108–119. [doi: 10.19363/
                     J.cnki.cn10-1380/tn.2022.09.09]
                 [13]   杨亚涛, 常鑫, 史浩鹏, 王伟, 王克. CDBS: 基于  CRYSTALS-Dilithium  算法的盲签名方案. 通信学报, 2024, 45(7): 184–195. [doi:
                     10.11959/j.issn.1000-436x.2024129]
                                                                   +
                 [22]   孙思维, 刘田雨, 关志, 何逸飞, 胡磊, 荆继武, 张立廷, 闫海伦. SPHINCS -SM3: 基于  SM3  的无状态数字签名算法. 密码学报, 2023,
                     10(6): 1266–1278. [doi: 10.13868/j.cnki.jcr.000658]
                 [23]   孙思维, 刘田雨, 关志, 何逸飞, 荆继武, 胡磊, 张振峰, 闫海伦. 基于杂凑函数     SM3  的后量子数字签名. 密码学报, 2023, 10(1):
                     46–60. [doi: 10.13868/j.cnki.jcr.000578]