The SPHINCS+ signature framework

Daniel J. Bernstein, Andreas Hülsing, Stefan Kölbl, Ruben Niederhagen, Joost Rijneveld, Peter Schwabe

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

Abstract

We introduce SPHINCS+, a stateless hash-based signature framework. SPHINCS+ has significant advantages over the state of the art in terms of speed, signature size, and security, and is among the nine remaining signature schemes in the second round of the NIST PQC standardization project. One of our main contributions in this context is a new few-time signature scheme that we call FORS. Our second main contribution is the introduction of tweakable hash functions and a demonstration how they allow for a unified security analysis of hash-based signature schemes. We give a security reduction for SPHINCS+ using this abstraction and derive secure parameters in accordance with the resulting bound. Finally, we present speed results for our optimized implementation of SPHINCS+ and compare to SPHINCS-256, Gravity-SPHINCS, and Picnic.

Original language: English
Title of host publication: CCS 2019 - Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security
Place of Publication: New York
Publisher: Association for Computing Machinery, Inc
Pages: 2129-2146
Number of pages: 18
ISBN (Electronic): 978-1-4503-6747-9
DOIs: https://doi.org/10.1145/3319535.3363229
Publication status: Published - 6 Nov 2019
Event: 26th ACM SIGSAC Conference on Computer and Communications Security, CCS 2019 - London, United Kingdom
Duration: 11 Nov 2019 – 15 Nov 2019

Conference

Conference: 26th ACM SIGSAC Conference on Computer and Communications Security, CCS 2019
Country: United Kingdom
City: London
Period: 11/11/19 – 15/11/19

Keywords

  • Exact security
  • Hash-based signatures
  • NIST PQC
  • Post-quantum cryptography
  • SPHINCS
  • Stateless
  • Tweakable hash functions

Cite this

Bernstein, D. J., Hülsing, A., Kölbl, S., Niederhagen, R., Rijneveld, J., & Schwabe, P. (2019). The SPHINCS+ signature framework. In CCS 2019 - Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (pp. 2129-2146). New York: Association for Computing Machinery, Inc. https://doi.org/10.1145/3319535.3363229