Home

SPHINCS

SPHINCS stands for Stateless Practical Hash-Based Signatures. It is a family of post-quantum digital signature schemes that rely on cryptographic hash functions rather than traditional number-theoretic problems. A key feature is statelessness: unlike other hash-based schemes that require keeping state about used keys, SPHINCS derives signing material in a way that does not require maintaining a signing state between invocations.

SPHINCS uses a layered Merkle-tree construction called a hypertree. Leaves of the hypertree are one-time signatures,

Key generation produces seeds for the hypertree layers; private constants are derived deterministically from these seeds.

SPHINCS+ is a refined version with adjustable parameter sets to trade security, speed, and signature size. Its

typically
WOTS+.
A
separate
component
called
FORS
(Forest
of
Random
Subsets)
signs
short
digests,
providing
a
way
to
sign
many
messages
with
a
small
amount
of
private
material.
A
complete
SPHINCS
signature
includes
a
FORS
signature,
a
set
of
WOTS+
signatures
along
the
hypertree
paths,
and
the
authentication
data
needed
to
verify
the
internal
nodes.
The
public
key
is
the
root
of
the
top-level
tree.
The
public
key
is
the
top
root.
To
sign,
the
message
is
hashed
to
a
digest,
FORS
signs
the
digest,
and
the
remaining
layers
provide
the
authentication
information
to
link
the
signature
to
the
root.
Verification
reconstructs
the
root
from
the
signature
and
checks
it
against
the
public
key.
security
rests
on
standard
hash-function
assumptions.
It
was
developed
in
the
context
of
the
NIST
post-quantum
cryptography
process
and
remains
a
central
example
of
hash-based,
stateless
signatures.
Signatures
are
relatively
large
and
signing
can
be
slower
than
traditional
schemes,
but
verification
is
efficient
and
quantum-resistant.