add parameters

[Imported from Trac: page OneHundredYearCryptography, version 7]

OneHundredYearCryptography.md

@@ -29,7 +29,24 @@ David-Sarah has proposed to use hash-based digital signatures.
  * <http://tahoe-lafs.org/pipermail/tahoe-dev/2010-June/004509.html>
  * <http://tahoe-lafs.org/pipermail/tahoe-dev/2010-July/004587.html>
 
-Brian and David-Sarah wrote [a simulator](OneHundredYearCryptography)/hashbasedsig.py or two to explore performance trade-offs in hash-based signature parameters. The output of one run is this:
+Brian and David-Sarah wrote [a simulator](OneHundredYearCryptography)/hashbasedsig.py or two to explore performance trade-offs in hash-based signature parameters. The output of one run with the following parameters is this:
+```
+# range of hash output lengths
+range_L_hash = [128]
+
+lg_M = 53                   # lg(required number of signatures before losing security)
+
+limit_bytes = 480000        # limit on signature length
+limit_cost = 500            # limit on Mcycles_Sig + weight_ver*Mcycles_ver
+weight_ver = 1              # how important verification cost is relative to signature cost
+                            # (note: setting this too high will just exclude useful candidates)
+
+L_block = 512               # bitlength of hash input blocks
+L_pad   = 64                # bitlength of hash padding overhead (for M-D hashes)
+L_label = 80                # bitlength of hash position label
+L_prf   = 256               # bitlength of hash output when used as a PRF
+cycles_per_byte = 15.8      # cost of hash
+```
 ```
   w   A   h    T    lg_N   L_GMSS (bytes)   c_S_mean (Mcycles)  c_S_worst (Mcycles)   score
  13  18   1   62   258.5    97524 (12191)      97272 (  98.36)     193095 ( 195.26)    +5.4 %