**JotaSigs** is a Python implementation of hash-based, one time signatures (OTS). OTS serve as primitives employed to construct more general signatures schemes. On its own, a OTS can only authenticate one single message per public key. In conjuction with another scheme (i.e., XMSS) the OTS primitive can be turned into a many-times, general purpose signature.

Hash-based signatures are post-quantum: they are designed to be used on classical computers, and are thought to be resistant even against an attacker with a quantum computer, since they only rely the security of a cryptographic hash.

The Jotasigs library includes two primitives:

- Unbalanced Winternitz One Time Signatures (UWOTS). This is an optimized variant of the classical WOTS that decreases the number of hash computations for a same level of security. In addition, it permits signatures of arbitrary sizes.
- Integer Compositions Signatures (IC). It is a tweakable OTS construction, closely related to the Lamport OTS (it can be though of as a generalization of it). Its main bennefits rely on its flexibility. Its parameters set compromises between the signature size and its overal cost of computation, and compromises regarding how the computational cost is distributed between signer and erifiers.

Important: the library is currently in beta, and is intended for use in education and research. Use with caution. Its use in production is not recommended yet.

- JotaSigs version 5 (2018-nov-3)

sha256: 6382650429610e6316c91c2c6aa9d7c150906ebad20f5f21a317171856a2e04d - JotaSigs version 4 (2016-oct-24)

sha256: 754a600b4cef06d5c773440eb9ed1bc0e3ce208827399703ededd833a141a0fc

Requirements: Python 2.7

(All versions are beta versions)

**Shuffle** is a Python implementation of some functions described in the paper *'Shuffling Public Keys (A Peer-to-peer Voting Algorithm)'*.

The folder *'shuffle, with routing'* includes the main functions:

- Function
**pairs**tells the keys that must pair together to compute butterflies at each step. - Function
**simulate_shuffle**computes the worst probability between an honest person with a key/ballot in a simulated shuffle. It takes as inputs the number of total voters, the number of honest voters, and the number of rounds. - Function
**plot_rounds**estimates the expected worst probabilities for different number attackers and rounds.

- Shuffle version 1 (2019)

sha256: 0f38ca952150fe0c44422eb6e4aaef8c8f3e0be291edf686019566b68b87a3c7

Requirements: Python 2.7

The code is distributed under a 3-clause BSD license.

Papers and additional info describing the algorithms are available at:

jotasapiens.com/research

twitter.com/jotasapiens

Hosted by TuxFamily