SPHINCS+

Stateless hash-based signatures

SPHINCS+ is a stateless hash-based signature scheme, which was submitted to the NIST post-quantum crypto project. The design advances the SPHINCS signature scheme, which was presented at EUROCRYPT 2015. It incorporates multiple improvements, specifically aimed at reducing signature size. For a quick overview of the changes from SPHINCS to SPHINCS+ see the blog post by Andreas Hülsing. The submission proposes three different signature schemes:

  • SPHINCS+-SHAKE256
  • SPHINCS+-SHA-256
  • SPHINCS+-Haraka

These signature schemes are obtained by instantiating the SPHINCS+ construction with SHAKE256, SHA-256, and Haraka, respectively.

The second-round submission of SPHINCS+ splits each of the above three signature schemes into a simple and a robust variant for each choice of hash function. The robust variant is exactly the SPHINCS+ version from the first-round submission and comes with all the conservative security guarantees given before. The simple variants are pure random oracle instantiations. They achieve a speed-up of about a factor of three compared to their robust counterparts, at the cost of a purely heuristic security argument.
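The difference between the two variants shows up in the tweakable hash that every node computation goes through. The following is an added example, not code from the SPHINCS+ team: it covers only the tweakable hash of the SHAKE256 instantiation as described in the second-round specification, and the function names, n = 16 bytes, the seed and the 32-byte address values are assumptions constructed for illustration.

```python
import hashlib

N = 16  # hash output length in bytes (assumed: a 128-bit parameter set)


def shake256(data: bytes, outlen: int) -> bytes:
    """SHAKE256 with an explicit output length in bytes."""
    return hashlib.shake_256(data).digest(outlen)


def thash_simple(pk_seed: bytes, adrs: bytes, msg: bytes) -> bytes:
    """Simple variant: one call, hashing seed || address || message."""
    return shake256(pk_seed + adrs + msg, N)


def bitmask(pk_seed: bytes, adrs: bytes, length: int) -> bytes:
    """Robust variant only: mask derived from the public seed and address."""
    return shake256(pk_seed + adrs, length)


def thash_robust(pk_seed: bytes, adrs: bytes, msg: bytes) -> bytes:
    """Robust variant: XOR the message with the bitmask, then hash.

    This costs a second SHAKE256 call per tweakable-hash evaluation.
    """
    mask = bitmask(pk_seed, adrs, len(msg))
    masked = bytes(m ^ k for m, k in zip(msg, mask))
    return shake256(pk_seed + adrs + masked, N)


# Constructed sample input (not test vectors from the submission).
PK_SEED = bytes(range(N))
ADRS = bytes(31) + b"\x01"           # placeholder 32-byte address
OTHER_ADRS = bytes(31) + b"\x02"     # same input under a different tweak
MSG = b"L" * N + b"R" * N            # two child nodes being compressed

if __name__ == "__main__":
    print("simple:", thash_simple(PK_SEED, ADRS, MSG).hex())
    print("robust:", thash_robust(PK_SEED, ADRS, MSG).hex())
    # The address acts as a tweak: same message, different position, new output.
    print("tweak :", thash_simple(PK_SEED, OTHER_ADRS, MSG).hex())
```
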

News

  • 2019-09-23: The SPHINCS+ team published two papers to appear at this year's CCS and Asiacrypt. The first paper introduces decisional second preimage resistance (DSPR). DSPR is a new concept that makes it possible to remove a statistical assumption on the hash function used, which was previously required to achieve a tight security reduction for SPHINCS+. The second paper gives a new tight security proof for SPHINCS+ using DSPR, introduces the abstraction of tweakable hash functions, and compares SPHINCS+ to other symmetric-cryptography-based signature schemes.
  • 2019-06-25: Second round submission added to website
  • 2017-12-19: SPHINCS+ website is online
  • 2017-12-04: Blog post summarizing the design of SPHINCS+
  • 2017-11-30: SPHINCS+ proposal submitted to the NIST PQC project