The SPHINCS+ signature framework

Daniel J. Bernstein; Andreas Hülsing; Stefan Kölbl; Ruben Niederhagen; Joost Rijneveld; Peter Schwabe

doi:10.1145/3319535.3363229

The SPHINCS⁺ signature framework

Daniel J. Bernstein, Andreas Hülsing, Stefan Kölbl, Ruben Niederhagen, Joost Rijneveld, Peter Schwabe

Coding Theory and Cryptology

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

200 Citations (Scopus)

785 Downloads (Pure)

Abstract

We introduce SPHINCS⁺, a stateless hash-based signature framework. SPHINCS⁺ has significant advantages over the state of the art in terms of speed, signature size, and security, and is among the nine remaining signature schemes in the second round of the NIST PQC standardization project. One of our main contributions in this context is a new few-time signature scheme that we call FORS. Our second main contribution is the introduction of tweakable hash functions and a demonstration how they allow for a unified security analysis of hash-based signature schemes. We give a security reduction for SPHINCS⁺ using this abstraction and derive secure parameters in accordance with the resulting bound. Finally, we present speed results for our optimized implementation of SPHINCS⁺ and compare to SPHINCS-256, Gravity-SPHINCS, and Picnic.

Original language	English
Title of host publication	CCS 2019 - Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security
Place of Publication	New York
Publisher	Association for Computing Machinery, Inc.
Pages	2129-2146
Number of pages	18
ISBN (Electronic)	978-1-4503-6747-9
DOIs	https://doi.org/10.1145/3319535.3363229
Publication status	Published - 6 Nov 2019
Event	26th ACM SIGSAC Conference on Computer and Communications Security, CCS 2019 - London, United Kingdom Duration: 11 Nov 2019 → 15 Nov 2019

Conference

Conference	26th ACM SIGSAC Conference on Computer and Communications Security, CCS 2019
Country/Territory	United Kingdom
City	London
Period	11/11/19 → 15/11/19

Funding

The authors would like to thank Jean-Philippe Aumasson, Christoph Dobraunig, Maria Eichlseder, Scott Fluhrer, Stefan-Lukas Gazdag, Panos Kampanakis, Tanja Lange, Martin M. Lauridsen, Florian Mendel, and Christian Rechberger, for their support and comments, and the anonymous reviewers of CCS for finding a mistake in an earlier version of this work. This work has been supported by the European Research Council through Starting Grant No. 805031 (EPOQUE), by Cisco under the University Research Program, by the U.S. National Science Foundation under grant 1913167, and by the German Research Foundation under Cluster of Excellence 2092 ?CASA: Cyber Security in the Age of Large-Scale Adversaries?.

Keywords

Exact security
Hash-based signatures
NIST PQC
Post-quantum cryptography
SPHINCS
Stateless
Tweakable hash functions

Access to Document

10.1145/3319535.3363229

publishers versionFinal published version, 2.64 MB

Cite this

@inproceedings{fef05df00053450f9ff7124636e7d6b9,

title = "The SPHINCS+ signature framework",

abstract = "We introduce SPHINCS+, a stateless hash-based signature framework. SPHINCS+ has significant advantages over the state of the art in terms of speed, signature size, and security, and is among the nine remaining signature schemes in the second round of the NIST PQC standardization project. One of our main contributions in this context is a new few-time signature scheme that we call FORS. Our second main contribution is the introduction of tweakable hash functions and a demonstration how they allow for a unified security analysis of hash-based signature schemes. We give a security reduction for SPHINCS+ using this abstraction and derive secure parameters in accordance with the resulting bound. Finally, we present speed results for our optimized implementation of SPHINCS+ and compare to SPHINCS-256, Gravity-SPHINCS, and Picnic.",

keywords = "Exact security, Hash-based signatures, NIST PQC, Post-quantum cryptography, SPHINCS, Stateless, Tweakable hash functions",

author = "Bernstein, \{Daniel J.\} and Andreas H{\"u}lsing and Stefan K{\"o}lbl and Ruben Niederhagen and Joost Rijneveld and Peter Schwabe",

year = "2019",

month = nov,

day = "6",

doi = "10.1145/3319535.3363229",

language = "English",

pages = "2129--2146",

booktitle = "CCS 2019 - Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security",

publisher = "Association for Computing Machinery, Inc.",

address = "United States",

note = "26th ACM SIGSAC Conference on Computer and Communications Security, CCS 2019 ; Conference date: 11-11-2019 Through 15-11-2019",

}

Bernstein, DJ, Hülsing, A, Kölbl, S, Niederhagen, R, Rijneveld, J & Schwabe, P 2019, The SPHINCS⁺ signature framework. in CCS 2019 - Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, Inc., New York, pp. 2129-2146, 26th ACM SIGSAC Conference on Computer and Communications Security, CCS 2019, London, United Kingdom, 11/11/19. https://doi.org/10.1145/3319535.3363229

The SPHINCS⁺ signature framework. / Bernstein, Daniel J.; Hülsing, Andreas; Kölbl, Stefan et al.
CCS 2019 - Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. New York: Association for Computing Machinery, Inc., 2019. p. 2129-2146.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - The SPHINCS+ signature framework

AU - Bernstein, Daniel J.

AU - Hülsing, Andreas

AU - Kölbl, Stefan

AU - Niederhagen, Ruben

AU - Rijneveld, Joost

AU - Schwabe, Peter

PY - 2019/11/6

Y1 - 2019/11/6

N2 - We introduce SPHINCS+, a stateless hash-based signature framework. SPHINCS+ has significant advantages over the state of the art in terms of speed, signature size, and security, and is among the nine remaining signature schemes in the second round of the NIST PQC standardization project. One of our main contributions in this context is a new few-time signature scheme that we call FORS. Our second main contribution is the introduction of tweakable hash functions and a demonstration how they allow for a unified security analysis of hash-based signature schemes. We give a security reduction for SPHINCS+ using this abstraction and derive secure parameters in accordance with the resulting bound. Finally, we present speed results for our optimized implementation of SPHINCS+ and compare to SPHINCS-256, Gravity-SPHINCS, and Picnic.

AB - We introduce SPHINCS+, a stateless hash-based signature framework. SPHINCS+ has significant advantages over the state of the art in terms of speed, signature size, and security, and is among the nine remaining signature schemes in the second round of the NIST PQC standardization project. One of our main contributions in this context is a new few-time signature scheme that we call FORS. Our second main contribution is the introduction of tweakable hash functions and a demonstration how they allow for a unified security analysis of hash-based signature schemes. We give a security reduction for SPHINCS+ using this abstraction and derive secure parameters in accordance with the resulting bound. Finally, we present speed results for our optimized implementation of SPHINCS+ and compare to SPHINCS-256, Gravity-SPHINCS, and Picnic.

KW - Exact security

KW - Hash-based signatures

KW - NIST PQC

KW - Post-quantum cryptography

KW - SPHINCS

KW - Stateless

KW - Tweakable hash functions

UR - http://www.scopus.com/inward/record.url?scp=85075952271&partnerID=8YFLogxK

U2 - 10.1145/3319535.3363229

DO - 10.1145/3319535.3363229

M3 - Conference contribution

AN - SCOPUS:85075952271

SP - 2129

EP - 2146

BT - CCS 2019 - Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security

PB - Association for Computing Machinery, Inc.

CY - New York

T2 - 26th ACM SIGSAC Conference on Computer and Communications Security, CCS 2019

Y2 - 11 November 2019 through 15 November 2019

ER -