Security analysis of the W-OTS$^+$ signature scheme: Updating security bounds
This work addresses a critical security issue for users of hash-based digital signature schemes, though it is incremental as it fixes an existing proof rather than introducing new methods.
The paper identifies a flaw in the original security proof of the W-OTS⁺ signature scheme, a key component in hash-based digital signatures, and updates the proof to derive a corrected security level.
In this work, we discuss in detail a flaw in the original security proof of the W-OTS$^+$ variant of the Winternitz one-time signature scheme, which is an important component for various stateless and stateful many-time hash-based digital signature schemes. We update the security proof for the W-OTS$^+$ scheme and derive the corresponding security level. Our result is of importance for the security analysis of hash-based digital signature schemes.