US 12,267,437 B2
Enabling internal and external verification of hash-based signature computations by signing server
Panagiotis Theodorou Kampanakis, Apex, NC (US); and Dimitrios Sikeridis, San Diego, CA (US)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Feb. 10, 2022, as Appl. No. 17/669,302.
Prior Publication US 2023/0254154 A1, Aug. 10, 2023
Int. Cl. H04L 9/32 (2006.01); G06F 15/16 (2006.01); H04L 15/16 (2006.01); H04L 29/06 (2006.01); H04L 29/08 (2006.01)
CPC H04L 9/3247 (2013.01) [H04L 9/3239 (2013.01)] 5 Claims
OG exemplary drawing
 
1. A computing system comprising:
one or more processing units; and one or more non-transitory computer-readable media storing computer-executable instructions that, when executed by the one or more processing units, cause the one or more processing units to:
record a Merkle tree state used to generate a one-time signature (“OTS”) key pair and record an issued hash-based signature (“HBS”) in an immutably ordered log; and
autonomously report non-reuse or reuse of a Merkle tree state recorded in the immutably ordered log, such that the reporting verifies that a Merkle tree had a particular state when used to generate an OTS key pair of a particular issued OTS, or verifies that a current Merkle tree state was not previously used to generate any OTS key pair before a signing module generates an OTS key pair in response to a signing request.