SPHINCS+ is a stateless hash-based digital signature scheme. In November 2022, the National Institute of Standards and Technology (NIST) announced that SPHINCS+ will be standardized, and the discussion of concrete parameter selection has started. The security of SPHINCS+ relies solely on the strength of the underlying hash functions against a variant of the (second) pre-image attack. From a security perspective, hash-based signature schemes are the most conservative signature designs. At the Fourth NIST PQC Standardization Conference, Dustin Moody from the NIST PQC team stated in the report "NIST PQC: Looking into the future" that SPHINCS+ was selected for its solid security and because it is based on a different set of security assumptions from lattice-based cryptography. This paper instantiates the SPHINCS+ framework with the hash function SM3, provides two parameter sets that reach security level 1 as specified in the NIST PQC call for proposals (NIST PQC CFP), and presents preliminary performance test results.