SPHINCS+
What is SPHINCS+?
SPHINCS+A stateless hash-based digital-signature scheme standardized by NIST as FIPS 205 (SLH-DSA) in August 2024, offering conservative post-quantum security with no structured-math assumptions.
SPHINCS+ is a stateless hash-based signature scheme that combines few-time Winternitz signatures with hypertrees and FORS, deriving its security purely from the properties of an underlying hash function (SHA-2 or SHAKE). Because the security argument relies only on hash-function assumptions, it is the most conservative NIST PQC choice and a useful hedge against future cryptanalysis of lattice problems. NIST finalized it as FIPS 205 (SLH-DSA) in August 2024 with multiple parameter sets balancing signature size (around 8-50 kB) against signing speed. Typical use cases include long-lived firmware and software signing, where verification cost is acceptable and longevity matters most.
● Examples
- 01
Used for firmware-update signing on devices that must remain trustworthy for decades.
- 02
Selected as the hash-only fallback signature in PQC migration plans for code signing.
● Frequently asked questions
What is SPHINCS+?
A stateless hash-based digital-signature scheme standardized by NIST as FIPS 205 (SLH-DSA) in August 2024, offering conservative post-quantum security with no structured-math assumptions. It belongs to the Cryptography category of cybersecurity.
What does SPHINCS+ mean?
A stateless hash-based digital-signature scheme standardized by NIST as FIPS 205 (SLH-DSA) in August 2024, offering conservative post-quantum security with no structured-math assumptions.
How do you defend against SPHINCS+?
Defences for SPHINCS+ typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for SPHINCS+?
Common alternative names include: SLH-DSA, FIPS 205.