{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,18]],"date-time":"2026-03-18T13:21:26Z","timestamp":1773840086375,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":29,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642254048","type":"print"},{"value":"9783642254055","type":"electronic"}],"license":[{"start":{"date-parts":[[2011,1,1]],"date-time":"2011-01-01T00:00:00Z","timestamp":1293840000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011]]},"DOI":"10.1007\/978-3-642-25405-5_8","type":"book-chapter","created":{"date-parts":[[2011,11,24]],"date-time":"2011-11-24T06:32:34Z","timestamp":1322116354000},"page":"117-129","source":"Crossref","is-referenced-by-count":205,"title":["XMSS - A Practical Forward Secure Signature Scheme Based on Minimal Security Assumptions"],"prefix":"10.1007","author":[{"given":"Johannes","family":"Buchmann","sequence":"first","affiliation":[]},{"given":"Erik","family":"Dahmen","sequence":"additional","affiliation":[]},{"given":"Andreas","family":"H\u00fclsing","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"8_CR1","unstructured":"Anderson, R.: Two remarks on public key cryptology. In: Manuscript. Relevant material presented by the author in an invited lecture at the 4th ACM Conference on Computer and Communications Security, CCS, pp. 1\u20134. Citeseer (1997)"},{"key":"8_CR2","series-title":"Lecture Notes in Computer Science","first-page":"1","volume-title":"Advances in Cryptology - CRYPTO \u201996","author":"M. Bellare","year":"1996","unstructured":"Bellare, M., Canetti, R., Krawczyk, H.: Keying Hash Functions for Message Authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol.\u00a01109, pp. 1\u201315. Springer, Heidelberg (1996)"},{"key":"8_CR3","doi-asserted-by":"crossref","unstructured":"Bellare, M., Canetti, R., Krawczyk, H.: Pseudorandom functions revisited: The cascade construction and its concrete security. In: Proceedings of 37th Annual Symposium on Foundations of Computer Science, pp. 514\u2013523. IEEE (1996)","DOI":"10.1109\/SFCS.1996.548510"},{"key":"8_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"431","DOI":"10.1007\/3-540-48405-1_28","volume-title":"Advances in Cryptology - CRYPTO \u201999","author":"M. Bellare","year":"1999","unstructured":"Bellare, M., Miner, S.K.: A Forward-Secure Digital Signature Scheme. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol.\u00a01666, pp. 431\u2013448. Springer, Heidelberg (1999)"},{"key":"8_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"470","DOI":"10.1007\/BFb0052256","volume-title":"Advances in Cryptology - CRYPTO \u201997","author":"M. Bellare","year":"1997","unstructured":"Bellare, M., Rogaway, P.: Collision-Resistant Hashing: Towards Making UOWHFs Practical. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol.\u00a01294, pp. 470\u2013484. Springer, Heidelberg (1997)"},{"key":"8_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-36563-X_1","volume-title":"Topics in Cryptology - CT-RSA 2003","author":"M. Bellare","year":"2003","unstructured":"Bellare, M., Yee, B.S.: Forward-Security in Private-Key Cryptography. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol.\u00a02612, pp. 1\u201318. Springer, Heidelberg (2003)"},{"key":"8_CR7","series-title":"Lecture Notes in Computer Science","first-page":"103","volume-title":"Advances in Cryptology - CRYPTO 2002","author":"J.A. Black","year":"2002","unstructured":"Black, J.A., Rogaway, P., Shrimpton, T.: Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions from PGV. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol.\u00a02442, pp. 103\u2013118. Springer, Heidelberg (2002)"},{"key":"8_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"363","DOI":"10.1007\/3-540-60922-9_30","volume-title":"STACS 96","author":"D. Bleichenbacher","year":"1996","unstructured":"Bleichenbacher, D., Maurer, U.M.: Optimal Tree-based One-time Digital Signature Schemes. In: Puech, C., Reischuk, R. (eds.) STACS 1996. LNCS, vol.\u00a01046, pp. 363\u2013374. Springer, Heidelberg (1996)"},{"key":"8_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"363","DOI":"10.1007\/978-3-642-21969-6_23","volume-title":"Progress in Cryptology \u2013 AFRICACRYPT 2011","author":"J. Buchmann","year":"2011","unstructured":"Buchmann, J., Dahmen, E., Ereth, S., H\u00fclsing, A., R\u00fcckert, M.: On the Security of the Winternitz One-Time Signature Scheme. In: Nitaj, A., Pointcheval, D. (eds.) AFRICACRYPT 2011. LNCS, vol.\u00a06737, pp. 363\u2013378. Springer, Heidelberg (2011)"},{"key":"8_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/978-3-540-72738-5_3","volume-title":"Applied Cryptography and Network Security","author":"J. Buchmann","year":"2007","unstructured":"Buchmann, J., Dahmen, E., Klintsevich, E., Okeya, K., Vuillaume, C.: Merkle Signatures with Virtually Unlimited Signature Capacity. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol.\u00a04521, pp. 31\u201345. Springer, Heidelberg (2007)"},{"key":"8_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1007\/978-3-540-88403-3_5","volume-title":"Post-Quantum Cryptography","author":"J. Buchmann","year":"2008","unstructured":"Buchmann, J., Dahmen, E., Schneider, M.: Merkle Tree Traversal Revisited. In: Buchmann, J., Ding, J. (eds.) PQCrypto 2008. LNCS, vol.\u00a05299, pp. 63\u201378. Springer, Heidelberg (2008)"},{"key":"8_CR12","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1007\/978-3-540-88702-7_3","volume-title":"Post-Quantum Cryptography","author":"J. Buchmann","year":"2009","unstructured":"Buchmann, J., Dahmen, E., Szydlo, M.: Hash-based Digital Signature Schemes. In: Bernstein, D.J., Buchmann, J., Dahmen, E. (eds.) Post-Quantum Cryptography, pp. 35\u201393. Springer, Heidelberg (2009)"},{"key":"8_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"349","DOI":"10.1007\/11941378_25","volume-title":"Progress in Cryptology - INDOCRYPT 2006","author":"J. Buchmann","year":"2006","unstructured":"Buchmann, J., Garc\u00eda, L.C.C., Dahmen, E., D\u00f6ring, M., Klintsevich, E.: CMSS \u2013 An Improved Merkle Signature Scheme. In: Barua, R., Lange, T. (eds.) INDOCRYPT 2006. LNCS, vol.\u00a04329, pp. 349\u2013363. Springer, Heidelberg (2006)"},{"key":"8_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"109","DOI":"10.1007\/978-3-540-88403-3_8","volume-title":"Post-Quantum Cryptography","author":"E. Dahmen","year":"2008","unstructured":"Dahmen, E., Okeya, K., Takagi, T., Vuillaume, C.: Digital Signatures Out of Second-Preimage Resistant Hash Functions. In: Buchmann, J., Ding, J. (eds.) PQCrypto 2008. LNCS, vol.\u00a05299, pp. 109\u2013123. Springer, Heidelberg (2008)"},{"key":"8_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"96","DOI":"10.1007\/11586821_8","volume-title":"Cryptography and Coding","author":"C. Dods","year":"2005","unstructured":"Dods, C., Smart, N.P., Stam, M.: Hash Based Digital Signature Schemes. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol.\u00a03796, pp. 96\u2013115. Springer, Heidelberg (2005)"},{"key":"8_CR16","unstructured":"Garc\u00eda, L.C.C: On the security and the efficiency of the Merkle signature scheme. Technical Report Report 2005\/192, Cryptology ePrint Archive - Report 2005\/192 (2005), \n                  \n                    http:\/\/eprint.iacr.org\/2005\/192\/"},{"issue":"4","key":"8_CR17","doi-asserted-by":"publisher","first-page":"792","DOI":"10.1145\/6490.6503","volume":"33","author":"O. Goldreich","year":"1986","unstructured":"Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions. Journal of the ACM\u00a033(4), 792\u2013807 (1986)","journal-title":"Journal of the ACM"},{"issue":"2","key":"8_CR18","doi-asserted-by":"publisher","first-page":"281","DOI":"10.1137\/0217017","volume":"17","author":"S. Goldwasser","year":"1988","unstructured":"Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Comput.\u00a017(2), 281\u2013308 (1988)","journal-title":"SIAM J. Comput."},{"key":"8_CR19","doi-asserted-by":"publisher","first-page":"1364","DOI":"10.1137\/S0097539793244708","volume":"28","author":"J. H\u00e5stad","year":"1999","unstructured":"H\u00e5stad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM J. Comput.\u00a028, 1364\u20131396 (1999)","journal-title":"SIAM J. Comput."},{"key":"8_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"379","DOI":"10.1007\/3-540-36178-2_24","volume-title":"Advances in Cryptology - ASIACRYPT 2002","author":"A. Hevia","year":"2002","unstructured":"Hevia, A., Micciancio, D.: The Provable Security of Graph-Based One-Time Signatures and Extensions to Algebraic Signature Schemes. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol.\u00a02501, pp. 379\u2013396. Springer, Heidelberg (2002)"},{"key":"8_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"314","DOI":"10.1007\/3-540-36563-X_21","volume-title":"Topics in Cryptology - CT-RSA 2003","author":"M. Jakobsson","year":"2003","unstructured":"Jakobsson, M., Leighton, T., Micali, S., Szydlo, M.: Fractal Merkle Tree Representation and Traversal. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol.\u00a02612, pp. 314\u2013326. Springer, Heidelberg (2003)"},{"key":"8_CR22","first-page":"108","volume-title":"CCS 2000: Proceedings of the 7th ACM Conference on Computer and Communications Security","author":"H. Krawczyk","year":"2000","unstructured":"Krawczyk, H.: Simple forward-secure signatures from any signature scheme. In: CCS 2000: Proceedings of the 7th ACM Conference on Computer and Communications Security, pp. 108\u2013115. ACM, New York (2000)"},{"key":"8_CR23","doi-asserted-by":"publisher","first-page":"255","DOI":"10.1007\/s00145-001-0009-4","volume":"14","author":"A.K. Lenstra","year":"2001","unstructured":"Lenstra, A.K., Verheul, E.R.: Selecting cryptographic key sizes. Journal of Cryptology\u00a014, 255\u2013293 (2001)","journal-title":"Journal of Cryptology"},{"key":"8_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"218","DOI":"10.1007\/0-387-34805-0_21","volume-title":"Advances in Cryptology - CRYPTO \u201989","author":"R.C. Merkle","year":"1990","unstructured":"Merkle, R.C.: A Certified Digital Signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol.\u00a0435, pp. 218\u2013238. Springer, Heidelberg (1990)"},{"key":"8_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"428","DOI":"10.1007\/0-387-34805-0_40","volume-title":"Advances in Cryptology - CRYPTO \u201989","author":"R.C. Merkle","year":"1990","unstructured":"Merkle, R.C.: One Way Hash Functions and DES. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol.\u00a0435, pp. 428\u2013446. Springer, Heidelberg (1990)"},{"key":"8_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"371","DOI":"10.1007\/978-3-540-25937-4_24","volume-title":"Fast Software Encryption","author":"P. Rogaway","year":"2004","unstructured":"Rogaway, P., Shrimpton, T.: Cryptographic Hash-Function Basics: Definitions, Implications, and Separations for Preimage Resistance, Second-Preimage Resistance, and Collision Resistance. In: Roy, B.K., Meier, W. (eds.) FSE 2004. LNCS, vol.\u00a03017, pp. 371\u2013388. Springer, Heidelberg (2004)"},{"key":"8_CR27","doi-asserted-by":"publisher","first-page":"387","DOI":"10.1145\/100216.100269","volume-title":"STOC 1990: Proceedings of the Twenty-Second Annual ACM Symposium on Theory of Computing","author":"J. Rompel","year":"1990","unstructured":"Rompel, J.: One-way functions are necessary and sufficient for secure signatures. In: STOC 1990: Proceedings of the Twenty-Second Annual ACM Symposium on Theory of Computing, pp. 387\u2013394. ACM Press, New York (1990)"},{"key":"8_CR28","doi-asserted-by":"crossref","unstructured":"Shor, P.W.: Algorithms for quantum computation: Discrete logarithms and factoring. In: Proceedings of the 35th Annual IEEE Symposium on Foundations of Computer Science (FOCS 1994), pp. 124\u2013134. IEEE Computer Society Press (1994)","DOI":"10.1109\/SFCS.1994.365700"},{"key":"8_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"541","DOI":"10.1007\/978-3-540-24676-3_32","volume-title":"Advances in Cryptology - EUROCRYPT 2004","author":"M. Szydlo","year":"2004","unstructured":"Szydlo, M.: Merkle Tree Traversal in Log Space and Time. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol.\u00a03027, pp. 541\u2013554. Springer, Heidelberg (2004)"}],"container-title":["Lecture Notes in Computer Science","Post-Quantum Cryptography"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-25405-5_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,4,19]],"date-time":"2019-04-19T13:48:53Z","timestamp":1555681733000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-25405-5_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011]]},"ISBN":["9783642254048","9783642254055"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-25405-5_8","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2011]]}}}