Keyless signature infrastructure and PKI: hash-tree signatures in pre- and post-quantum world

Multi-tenancy in the cloud environment brings new challenges to data security including but not limited to trust, data and system integrity and the overhead of cryptographic key management. These challenges can be efficiently addressed using novel data signing schemes. We compare personal digital signature solutions provided by public key infrastructure (PKI) and keyless signature infrastructure (KSI) and describe how these technologies can support each other. We discuss some ways of integrating a personal KSI service with external identity providers. As KSI can 'indemnify' PKI against the cryptographic threat of practical quantum computers, we delve into the post-quantum security of cryptographic hash functions and hash-and-publish signature schemes.