Paper 2022/1725

A note on SPHINCS+ parameter sets

Stefan Kölbl, Google
Jade Philipoom, Google, Open Titan
Abstract

In this note, we explore parameter sets for SPHINCS+ which support a smaller number of signatures than $2^{64}$, but are otherwise compatible with the SLH-DSA specification. In practice, use cases for which a low number of signatures per key pair suffice are common, and as we will show this allows a significant reduction in signature size and verification speed for SPHINCS+. For this we carry out a larger search through the SPHINCS+ parameter space, comparing it with the current parameter sets and further showing that for carefully chosen parameter the security degrades slowly if one exceeds the limits. Finally, we provide a case study for firmware signing on OpenTitan to demonstrate the efficiency of these alternative parameters.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint.
Keywords
Hash-based signaturespost-quantumSPHINCS+
Contact author(s)
kste @ google com
jadep @ google com
History
2024-01-09: revised
2022-12-14: received
See all versions
Short URL
https://ia.cr/2022/1725
License
No rights reserved
CC0

BibTeX 

@misc{cryptoeprint:2022/1725,
      author = {Stefan Kölbl and Jade Philipoom},
      title = {A note on SPHINCS+ parameter sets},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1725},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/1725}},
      url = {https://eprint.iacr.org/2022/1725}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.