# What is Winternitz One Time Signature Scheme?

Computer NetworkInternetMCA

## Winternitz One Time Signature Scheme

Robert Winternitz proposed the W-OTS approach. It is thought to be quantum resilient since it uses modest key and signature sizes.

• It generates 32 ☓ 256 bit random private keys in total.

• We then have this a number of times, and a parameter (W) is used to define them.

• We can hash the private keys by using W = 8(2W).

• It generates public keys with a length of 32 256-bits

• The signature is formed by taking 8-bits at a time, subtracting the 8-bit binary int (n) from 256, then hashing the private key 256 times.

• Thereafter, the signature is made up of 32 hashes created from random private keys.

## How Does It Work?

The procedure is as follows −

• We start by making 32 256-bit random numbers. Our private key will be made up of these 32 values.

• Each of these values is then hashed 256 times. Our public key will be made up of these 32 values.

• We're now going to hash the message with SHA-256. This will yield 32 8-bit values (N1, N2,..., N32).

• For the signature, we hash each 8-bit value in the message's hash 256-N times (where N is the value of the 8-bit value).

• The message is hashed with SHA-256, and each 8-bit value is used to prove the signature. The message hash value specifies how many times the 8-bit signature value is hashed (N1N2)... The result of each action should be the same as the public key value.

## Key Generation

• A pair of keys is to be generated, a private key and a public key

• Using a random number generator, 32 256-bit random numbers are generated to create the private key.

• Each of the 32 numbers is hashed 256 times to get another set of 32 256-bit numbers for the public key. The public key is available to anyone.

## Signature Generation

• SHA 256 is used to hash the message, resulting in a 256-bit digest. This hash is broken down into 32 8-bit values (N1N2N3...N32).

• 256-N times hashes each 8-bit value, where N is the value of the 8-bit value. For example, if N1 is an 8-bit number of 10001000 = 136, then N1 will be hashed 256 - 136 = 120 times. The digital signature is created after performing this operation for each of the 8-bit values.

## Signature Verification

• SHA-256 is used to generate a digest of 32 8-bit values (N1N2N3...N32). from the message.

• The signature value is then hashed by the number of times the message hash value (N1N2N3...N32) specifies.

• The signature is then compared to the public key, and if the two matches, the signature is considered legitimate.

Updated on 05-Nov-2021 11:27:51