Paper 2025/298
Stateless Hash-Based Signatures for Post-Quantum Security Keys
Abstract
The U.S. National Institute of Standards and Technology recently standardized the first set of post-quantum cryptography algorithms. These algorithms address the quantum threat, but also present new challenges due to their larger memory and computational footprint. Three of the four standardized algorithms are lattice based, offering good performance but posing challenges due to complex implementation and intricate security assumptions. A more conservative choice for quantum-safe authentication are hash-based signature systems. However, due to large signature sizes and low signing speeds, hash-based systems have only found use in niche applications. The first NIST standardized, stateless hash-based signature system is the SPHINCS+-based SLH-DSA. In this work we combine different approaches to show that SPHINCS+ can be optimized in its parameters and implementation, to be high performing, even when signing in an embedded setting. We demonstrate this in the context of user authentication using hardware security keys within FIDO. Our SPHINCS+-based implementation can even outperform lattice-based solutions while remaining highly portable. Due to conservative security assumptions, our solution does not require a hybrid construction and can perform authentication on current security keys. For reproducibility and to encourage further research we publish our Cortex M4-based implementation.
Metadata
- Available format(s)
- PDF
- Category
- Implementation
- Publication info
- Preprint.
- Keywords
- PQC, SPHINCS+, Hash, LWC, FIDO, Cortex-M4
- Contact author(s)
- mail @ ruben-gonzalez de
- History
- 2025-02-21: approved
- 2025-02-20: received
- Short URL
- https://ia.cr/2025/298
- License
- CC BY
BibTeX
@misc{cryptoeprint:2025/298,
  author = {Ruben Gonzalez},
  title = {Stateless Hash-Based Signatures for Post-Quantum Security Keys},
  howpublished = {Cryptology {ePrint} Archive, Paper 2025/298},
  year = {2025},
  url = {https://eprint.iacr.org/2025/298}
}