Surnaming schemes, fast verification, and applications to SGX technology

Dan Boneh, Shay Gueron

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review


We introduce a new cryptographic primitive that we call surnaming, which is closely related to digital signatures, but has different syntax and security requirements. While surnaming can be constructed from a digital signature, we show that a direct construction can be somewhat simpler. We explain how surnaming plays a central role in Intel’s new Software Guard Extensions (SGX) technology, and present its specific surnaming implementation as a special case. These results explain why SGX does not require a PKI or pinned keys for authorizing enclaves. SGX motivates an interesting question in digital signature design: for reasons explained in the paper, it requires a digital signature scheme where verification must be as fast as possible, the public key must be short, but signature size is less important. We review the RSA-based method currently used in SGX and evaluate its performance. Finally, we propose a new hash-based signature scheme where verification time is much faster than the RSA scheme used in SGX. Our scheme can be scaled to provide post-quantum security, thus offering a viable alternative to the current SGX surnaming system, for a time when post-quantum security becomes necessary.

Original languageEnglish
Title of host publicationLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
PublisherSpringer Verlag
Number of pages16
StatePublished - 1 Jan 2017

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Bibliographical note

Funding Information:
The first author is supported by NSF, DARPA, the Simons foundation, and a grant from ONR. Opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of DARPA. The second author is supported by the PQCRYPTO project, which is partially funded by the European Commission Horizon 2020 research Programme, grant #645622, by the Blavatnik Interdisciplinary Cyber Research Center (ICRC) at the Tel Aviv University, and by the ISRAEL SCIENCE FOUNDATION (grant No. 1018/16).

Publisher Copyright:
© Springer International Publishing AG 2017.


  • Digital signatures
  • Fast verification
  • Post-quantum secure signatures
  • Software guard extensions (SGX) technology

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science (all)


Dive into the research topics of 'Surnaming schemes, fast verification, and applications to SGX technology'. Together they form a unique fingerprint.

Cite this