Skip to content

Commit

Permalink
Add Docs for Hybrid Signing
Browse files Browse the repository at this point in the history
zolagonano committed Dec 16, 2023
1 parent 30d0b95 commit 52534e3
Showing 1 changed file with 60 additions and 0 deletions.
60 changes: 60 additions & 0 deletions docs/concepts/hybrid-signing.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,60 @@
---
title: Hybrid Signing
layout: default
parent: Concepts
---

In Sare, signatures utilize two separate keypairs, similar to the Hybrid Key Encapsulation Mechanism (KEM), and for the same reason—comprising one elliptic curve signing keypair and one post-quantum signing keypair.

## How the Data Is Signed

Data signing is achieved by independently signing it with each of the keypairs. For verification, the message is then verified separately with each signature. If either of the verifications fails, the signature is considered invalid. If both the post-quantum and elliptic curve signatures verify successfully, the data is deemed valid.

```
+----------------------+
| Elliptic Curve |
| Signing Keypair |
+----------------------+
|
V
+------------------------+
| Data Signing with |
| Elliptic Curve Key |
+------------------------+
|
V
+----------------------+
| Post-Quantum |
| Signing Keypair |
+----------------------+
|
V
+------------------------+
| Data Signing with |
| Post-Quantum Key |
+------------------------+
|
V
+----------------------------------+
| Separate Storage of |
| Elliptic Curve Signature and |
| Post-Quantum Signature |
+----------------------------------+
|
V
+----------------------------------+
| Data Verification |
| (Separate Verification with |
| Each Signature) |
+----------------------------------+
|
V
+----------------------------------+
| Valid/Invalid Decision |
| (Both Signatures Must Verify |
| for Data to be Considered Valid)|
+----------------------------------+
```

0 comments on commit 52534e3

Please sign in to comment.