PhoenixSig is a post-quantum digital signature framework designed to achieve Post-Compromise Security (PCS) — the ability to recover signing integrity even after full device state compromise. Unlike traditional digital signature schemes (including post-quantum standards like ML-DSA and SLH-DSA), which assume long-term private key secrecy, PhoenixSig treats key compromise as an inevitable operational reality. It introduces a three-layer architecture: PQC Signing Engine — Uses standard post-quantum algorithms (ML-DSA-65 / SLH-DSA) as the underlying signing primitive. DyLWE Deterministic State Evolution — A lattice-based (module-LWR) forward-only state ratchet that governs epoch-based key derivation, enabling auditability and deterministic testing. Phoenix Injection — A TEE-anchored entropy refresh mechanism (VaultKey) that ensures attackers who capture full device state at time t cannot forge signatures after a Phoenix refresh at time t+1. Key properties: Epoch-based ephemeral signing keys (no long-term private key) Merkle tree commitment for public key management Quarantine mode and anti-rollback protections PCS verified through adversarial testing (attacker-with-snapshot model) Status: Milestones M1–M3 complete (core + PCS tests passing). M4 (PQC backend integration) in progress. PhoenixSig targets deployment scenarios where compromise is expected: mobile devices, IoT, electronic warfare, and high-assurance enterprise environments.
Hung Dang (Thu,) studied this question.