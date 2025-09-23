Abstract and 1. Introduction

6 HPPK DS Security Analysis

\ In this section, we primarily outline the attacks we have identified on the HPPK DS scheme to date, along with their classical computational complexities. We focus on two primary avenues of attack: key recovery and signature forgery. Further detailed cryptanalysis will be conducted in future works.

\ Due to the complexity independent from n,λ,m, we could optimally choose n = λ = m = 1. Table 1 presents a comprehensive overview of key sizes, signature sizes, and estimated entropy for all three NIST security levels. HPPK DS ensures robust security with entropy values of 144, 208, and 272 bits for NIST security levels I, III, and V, respectively.

\ The public key (PK) sizes exhibit a linear progression, with dimensions of 196, 276, and 356 bytes for security levels I, III, and V. Conversely, the private key (SK) sizes remain remarkably small, comprising 104 bytes for level I, 152 bytes for level III, and 200 bytes for level V.

\ In terms of signature sizes, HPPK DS maintains efficiency with compact outputs of 144, 208, and 272 bytes for NIST security levels I, III, and V, respectively. Our forthcoming work will delve into the benchmark performance of HPPK DS and provide a thorough comparison with NIST-standardized algorithms.

7 Conclusion

Acknowledgements

The authors extend their sincere gratitude to Michael Redding and Jay Toth for their continuous support and encouragement in tackling the challenges posed by forgery attacks in MPPK DS. Special thanks are also extended to Dr. Brian LaMacchia for engaging discussions throughout the evolution of HPPK DS developments. Additionally, we want to express our appreciation to one of the reviewers for bringing up the Merkle-Hellman knapsack cryptosystems, from which HPPK cryptography inherits its modular multiplication encryption.

Author contributions statement

R.K conceptualized the extension of HPPK KEM for the digital signature scheme and revised the manuscript based on reviewers’ comments, M.P. conducted the security analysis, and M.S. and D.L. delved into the proposal and its security aspects. All authors contributed to and reviewed the manuscript.

(1) Randy Kuang, Quantropi Inc., Ottawa, K1Z 8P9, Canada

(2) Maria Perepechaenko, Quantropi Inc., Ottawa, K1Z 8P9, Canada

(3) Mahmoud Sayed, Systems and Computer Engineering, Carleton University, Ottawa, K1S 5B6, Canada

(4) Dafu Lou, Quantropi Inc., Ottawa, K1Z 8P9, Canada

