Dual-Signatures for a Quantum-safe Future
amogorkon opened this issue · 0 comments
amogorkon commented
Implement dual signing. A dual signature consists of at least two signatures on a common message. According to guidance provided by NIST, one signature is generated with a NIST-approved signature scheme as specified in FIPS 196, while the other signatures can be generated by using a different signature algorithm.
For quantum-safe, the second signature is a quantum-safe signature (CRYSTALS-Dilithium is used for IBM z16). The signatures must be parsed and verified separately; if either fails, the signature for the object fails.