SLH-DSA (FIPS 205).

NIST's standardized stateless hash-based post-quantum signature scheme, derived from SPHINCS+ and published as FIPS 205 in August 2024 — the conservative PQ signature option, relying only on hash-function security. Es gehört zur Kategorie Kryptografie der Cybersicherheit.

NIST's standardized stateless hash-based post-quantum signature scheme, derived from SPHINCS+ and published as FIPS 205 in August 2024 — the conservative PQ signature option, relying only on hash-function security.

SLH-DSA (Stateless Hash-Based Digital Signature Algorithm), published as FIPS 205 on 13 August 2024, is NIST's conservative post-quantum signature standard, derived from SPHINCS+ . Unlike ML-DSA, which rests on lattice-problem assumptions, SLH-DSA's security depends solely on the properties of its underlying hash function (SHA-256 or SHAKE-256), giving it the strongest theoretical conservatism in the NIST PQC portfolio. The price is size and speed: SLH-DSA signatures range from about 8 KB to 50 KB depending on parameter set (small, fast, robust variants in 128, 192, and 256-bit categories), and signing is markedly slower than ML-DSA. That makes SLH-DSA well suited to use cases where signature size and signing throughput are secondary to long-term resilience and minimal assumption count — root-of-trust signatures, long-lived firmware keys, and certificates that may need to remain trustworthy decades from now. SLH-DSA is 'stateless', a major operational improvement over the stateful XMSS and LMS hash-based signatures, since the signer doesn't need to track which one-time keys have been used.

Schutzmaßnahmen gegen SLH-DSA (FIPS 205) kombinieren typischerweise technische Kontrollen und operative Praktiken, wie in der Definition oben beschrieben.

Übliche alternative Bezeichnungen: FIPS 205, SPHINCS+ (standardized), Stateless hash-based DSA.