College of Science

Clemson mathematicians’ collaborative digital signature is a candidate to become a national standard


A digital signature developed by researchers from Clemson University and three universities in Europe could become part of the national standard for encryption tools designed to protect the privacy of digital information against quantum computers in the future.

The U.S. National Institute of Standards and Technology (NIST) is holding a competition to select standard post-quantum digital signature algorithms that would securely authenticate email, credit card and bank transactions, and digital documents from unwanted third parties’ tampering.

The researchers’ CROSS (Codes and Restricted Objects Signature Scheme) proposal was named a candidate for standardization. 

Trying to break it

Now, researchers from around the world will try to break it.

“If you think about it, this is the best way to choose the standards,” said Felice Manganiello, an associate professor in the Clemson School of Mathematical and Statistical Sciences and one of the developers of CROSS. “Once they decide which proposals are the candidates, the rest of the world can try to attack them to find vulnerabilities. These systems are secure — until they are not anymore. So, these competitions are actually a healthy way to decide the standard by having a lot of people working on proving the security.”

Clemson graduate student Freeman Slaughter and researchers from Polytechnic University of Marche, Polytechnic University of Milan and Technical University of Munich also worked on the proposal.


Quantum computers could revolutionize the future of fields such as medicine, finance, energy and transportation by solving complex problems that are beyond the reach of even the best of today’s classic supercomputers. 

Headshot of Freeman Slaughter
Freeman Slaughter

Unlike conventional computers that perform computation and store information in binary form (1s and 0s), quantum computers exploit the strange properties of quantum physics to operate on information in multiple forms known as qubits. By leveraging two key phenomena — quantum superposition and entanglement — quantum computers can explore multiple solution pathways simultaneously, allowing them to solve problems that would take a classic computer too long to calculate.

With that power would come the ability to crack today’s standards for encryption and digital signatures, which rely on math problems that even a combination of the fastest conventional computers find intractable.

“The standards we have today would not be sufficient,” Manganiello said.

The NIST announced the first group of three digital signatures in July 2022 after a multi-year vetting process. It called for additional digital signature proposals in 2022. About 50 proposals were received and 40 were named candidates.

More secure

A digital signature is a mathematical algorithm used to validate the authenticity and integrity of an email, credit card transaction or digital document. Digital signatures create a virtual fingerprint that is unique to a person or entity and are used to identify users and protect information in digital messages or documents. Digital signatures are significantly more secure than other forms of electronic signatures, according to the Cybersecurity and Infrastructure Security Agency.

Six of the digital signature candidates are code-based signatures, including CROSS.

Manganiello said that after the NIST’s first call for proposals several years ago, researchers realized that code-based cryptography was not competitive because it led to large signatures.

“The code-based problems were the oldest and safest problems, but they were leading to very large signatures. That made the whole community start working on what could be done to decrease these signature sizes,” he said.

While CROSS is code-based, it uses Merkle trees and zero-knowledge protocols to make the signatures shorter.

“Our digital signature algorithm is competitive because the signatures are quite small and the speed of computing them is faster with respect to the other candidates,” he said. “The only issue is that the system is based on a more recent problem than others and there’s not as much literature attacking it,” he said.

Manganiello said it could take several years for the NIST to decide whether the researchers’ algorithm will be selected as a standard.

Want to Discuss?

Get in touch and we will connect you with the author or another expert.

Or email us at

    This form is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.