Cryptology ePrint Archive: Report 2017/645

SPHINCS-Simpira: Fast Stateless Hash-based Signatures with Post-quantum Security

Shay Gueron and Nicky Mouha

Abstract: We introduce SPHINCS-Simpira, which is a variant of the SPHINCS signature scheme with Simpira as a building block. SPHINCS was proposed by Bernstein et al. at EUROCRYPT 2015 as a hash-based signature scheme with post-quantum security. At ASIACRYPT 2016, Gueron and Mouha introduced the Simpira family of cryptographic permutations, which delivers high throughput on modern 64-bit processors by using only one building block: the AES round function. The Simpira family claims security against structural distinguishers with a complexity up to 2^128 using classical computers. In this document, we explain why the same claim can be made against quantum computers as well. Although Simpira follows a very conservative design strategy, our benchmarks show that SPHINCS-Simpira provides a 1.5x speed-up for key generation, a 1.4x speed-up for signing 59-byte messages, and a 2.0x speed-up for verifying 59-byte messages compared to the originally proposed SPHINCS-256.

Category / Keywords: implementation / Simpira, SPHINCS, post-quantum security, hash-based signature, AES-NI

Date: received 29 Jun 2017

Contact author: nicky at mouha be

Available format(s): PDF | BibTeX Citation

Version: 20170705:211759 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]