SPHINCS+ A stateless hash-based signature scheme (SLA-DSA)

In this series of pages on SPHINCS+ (SLA-DSA), we take an in-depth look at the calculations required to compute a specific SPHINCS+ signature and present some background basics.

SPHINCS+ [SPHINCSPLUS] is a stateless hash-based signature scheme. It is a post-quantum cryptosystem (PQC) and should still be secure even if it proves feasible for an attacker to build a quantum computer. The security of SPHINCS+ against both classical and post-quantum attacks depends solely on the properties of a cryptographic hash function.

In June 2022, SPHINCS+ was chosen by NIST as one of the first four quantum-resistant cryptographic signature algorithms in NIST's post-quantum cryptography standardization project.

2023-08-24: The algorithm formerly known as SPHINCS+ is now SLH-DSA, the StateLess Hash-based Digital Signature Algorithm, provisionally described in the NIST draft FIPS 205 Stateless Hash-Based Digital Signature Standard. For convenience, we'll continue calling it SPHINCS+ here.

As background, we look at the building blocks of hash-based signature schemes, based on the seminal works by Lamport, Diffie, Winternitz, and Merkle.

Then we look at an real example SPHINCS+ signature, taken from the round 3 submission to NIST by the SPHINCS+ team in October 2020. We show the calculations to compute the various values in the signature, and provide some crude Python code to duplicate the results.

Contents

Part A. Basics of hash-based signature schemes

Properties of a cryptographic hash function
Lamport one-time signature (OTS)
Winternitz improvement (WOTS)
Merkle Tree
Basic Merkle Signature Scheme
Few Time Signature (FTS)

Part B. Analysis of example SPHINCS+ signature

SPHINCS+ Python Code
SPHINCS+ References

Contact us

To comment on this page or to contact us, please send us a message.

This page first published 17 March 2023. Last updated 3 September 2023.