Paper 2015/1042

ARMed SPHINCS -- Computing a 41KB signature in 16KB of RAM

Andreas Hülsing, Joost Rijneveld, and Peter Schwabe

Abstract

This paper shows that it is feasible to implement the stateless hash-based signature scheme SPHINCS-256 on an embedded microprocessor with memory even smaller than a signature and limited computing power. We demonstrate that it is possible to generate and verify the 41\,KB signature on an ARM Cortex M3 that only has 16\,KB of memory available. We provide benchmarks for our implementation which show that this can be used in practice. To analyze the costs of using the stateless SPHINCS scheme instead of its stateful alternatives, we also implement XMSS$^{MT}$ on this platform and give a comparison.

Note: After further optimizations, we were able to reduce the cycle counts reported in this work.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint. MINOR revision.
Keywords
post-quantum cryptographyhash-based signature schemesmicrocontrollerresource-constrained devicesARM Cortex M3SPHINCS-256XMSS^{MT}
Contact author(s)
armedsphincs @ cryptojedi org
History
2016-02-03: revised
2015-10-28: received
See all versions
Short URL
https://ia.cr/2015/1042
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2015/1042,
      author = {Andreas Hülsing and Joost Rijneveld and Peter Schwabe},
      title = {{ARMed} {SPHINCS} -- Computing a {41KB} signature in {16KB} of {RAM}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2015/1042},
      year = {2015},
      url = {https://eprint.iacr.org/2015/1042}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.