LMS Keys - FAQs

1.0 Frequently Asked Questions

  1. What are Fortanix's limitations on LMS Key tree size?
    Fortanix LMS implementation is a two-level Hierarchical Signature System (HSS) whose heights are a list of heights [h₁, h₂] respectively. Where h₁ is the height of the top-level tree and h₂ is the height of the secondary-level tree. The sum of the h₁ tree height and h₂ tree height must not exceed 25. For example, two trees with heights h₁ + h₂ <= 25. Where h₁ and h₂ are multiple of 5.
  2. How many signatures can an LMS key perform for the lifetime of the key?
    The "key capacity" is the number of signatures that an LMS key can perform for its lifetime.
    It is equal to 2 ^ (h₁ + h₂).
    For example, a (5,5) key or tree can produce 1024 signatures.
  3. What does an LMS signature look like? How would it be verified by an external library?
    See RFC8554 - Section 6.2 and RFC8708 - Section 2.2.
    Since there are two trees (h₁ and h₂), there is only one signed public key. Fortanix also includes the public key. One LMS signature that is needed to define HSS on the next layer is serialized into 1132 + 32 × h bytes.
  4. Is there a way to check the number of signing for LMS keys?
    Users need to keep track of the number of signatures that are produced.
  5. What RSC are we using for LMS-based certificates?
    Fortanix does not format LMS keys in certificates.
  6. Can the Fortanix PKCS#11 library handle verification for signing for external apps?
    PKCS#11 will verify any valid signature within the available PKCS#11 supported mechanisms as long as the input signature is in a format that PKCS#11 understands. LMS is not supported in PKCS#11.
  7. What are Fortanix’s stance and best practices for CSR generations?
    Some best practices are:
    • Add the CA key inside Fortanix DSM and adequately verify the CSR for authentication before signing.


Please sign in to leave a comment.

Was this article helpful?
0 out of 0 found this helpful