The SPHINCS+ Signature Framework

Sep 1, 2019·
Daniel J. Bernstein
,
Andreas Hülsing
Stefan Kölbl
Stefan Kölbl
,
Ruben Niederhagen
,
Joost Rijneveld
,
Peter Schwabe
· 0 min read
Abstract
We introduce SPHINCS+, a stateless hash-based signature framework. SPHINCS+ has significant advantages over the state of the art in terms of speed, signature size, and security, and is among the nine remaining signature schemes in the second round of the NIST PQC standardization project. One of our main contributions in this context is a new few-time signature scheme that we call FORS. Our second main contribution is the introduction of tweakable hash functions and a demonstration how they allow for a unified security analysis of hash-based signature schemes. We give a security reduction for SPHINCS+ using this abstraction and derive secure parameters in accordance with the resulting bound. Finally, we present speed results for our optimized implementation of SPHINCS+ and compare to SPHINCS-256, Gravity-SPHINCS, and Picnic.
Type
Publication
publications
Hash-Based Signatures Post-Quantum
Authors
Daniel J. Bernstein
Authors
Andreas Hülsing
Stefan Kölbl
Authors
Stefan Kölbl
Staff Engineer, Tech Lead Manager

I am a Staff Engineer and Tech Lead Manager at Google, where I work in the Security Engineering team. My focus is on post-quantum cryptography and enabling developers at Google and across the internet to use cryptography safely and correctly.

I have a PhD in cryptography and an extensive background in the design and analysis of symmetric-key algorithms, post-quantum cryptography, and lightweight cryptography. I have contributed to several cryptographic standardization efforts, including the SKINNY cipher, which is part of the ISO/IEC 29192-2 standard. I also contributed to the SPHINCS+ signature scheme, which was standardized by NIST as FIPS 205. I currently represent Switzerland in the ISO/IEC JTC 1/SC 27/WG 2 committee for cryptography and security mechanisms.

Before joining Google, I was a Senior Technology Manager at Cybercrypt and a postdoctoral researcher at the Technical University of Denmark, working on the H2020 PQCRYPTO project.

%!s() %!s()
Authors
Ruben Niederhagen
Authors
Joost Rijneveld
Authors
Peter Schwabe