Skip to main content

Streaming SPHINCS+ for Embedded Devices Using the Example of TPMs

  • 418 Accesses

Part of the Lecture Notes in Computer Science book series (LNCS,volume 13503)


We present an implementation of the hash-based post-quantum signature scheme SPHINCS\(^+\) that enables heavily memory-restricted devices to sign messages by streaming-out a signature during its computation and to verify messages by streaming-in a signature. We demonstrate our implementation in the context of Trusted Platform Modules (TPMs) by proposing a SPHINCS\(^+\) integration and a streaming extension for the TPM specification. We evaluate the overhead of our signature-streaming approach for a stand-alone SPHINCS\(^+\) implementation and for its integration in a proof-of-concept TPM with the proposed streaming extension running on an ARM Cortex-M4 platform. Our streaming interface greatly reduces the memory requirements without introducing a performance penalty. This is achieved not only by removing the need to store an entire signature but also by reducing the stack requirements of the key generation, sign, and verify operations. Therefore, our streaming interface enables small embedded devices that do not have sufficient memory to store an entire SPHINCS\(^+\) signature or that previously were only able to use a parameter set that results in smaller signatures to sign and verify messages using all SPHINCS\(^+\) variants.


  • PQC
  • Signature streaming
  • ARM Cortex-M4
  • TPM

This is a preview of subscription content, access via your institution.

Buying options

USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions


  1. 1.

  2. 2.

  3. 3.

  4. 4.

  5. 5.

  6. 6.


  1. Amiet, D., Curiger, A., Zbinden, P.: FPGA-based accelerator for SPHINCS-256. 2018(1), 18–39 (2018)

    Google Scholar 

  2. Buchmann, J., Dahmen, E., Hülsing, A.: XMSS - a practical forward secure signature scheme based on minimal security assumptions. In: Yang, B.-Y. (ed.) PQCrypto 2011. LNCS, vol. 7071, pp. 117–129. Springer, Heidelberg (2011).

    CrossRef  Google Scholar 

  3. Bernstein, D.J., et al.: SPHINCS: practical stateless hash-based signatures. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 368–397. Springer, Heidelberg (2015).

    CrossRef  Google Scholar 

  4. Bernstein, D.J., Hülsing, A., Kölbl, S., Niederhagen, R., Rijneveld, J., Schwabe, P.: The SPHINCS+ signature framework, pp. 2129–2146 (2019)

    Google Scholar 

  5. Campos, F., Kohlstadt, T., Reith, S., Stöttinger, M.: LMS vs XMSS: comparison of stateful hash-based signature schemes on ARM cortex-M4. In: Nitaj, A., Youssef, A. (eds.) AFRICACRYPT 2020. LNCS, vol. 12174, pp. 258–277. Springer, Cham (2020).

    CrossRef  Google Scholar 

  6. Chen, L., et al.: Final demonstrators implementation report (2021).

  7. Gonzalez, R., et al.: Verifying post-quantum signatures in 8 kB of RAM. In: Cheon, J.H., Tillich, J.-P. (eds.) PQCrypto 2021 2021. LNCS, vol. 12841, pp. 215–233. Springer, Cham (2021).

    CrossRef  Google Scholar 

  8. Genêt, A., Kannwischer, M.J., Pelletier, H., McLauchlan, A.: Practical fault injection attacks on SPHINCS. Cryptology ePrint Archive, Report 2018/674 (2018)

    Google Scholar 

  9. Hülsing, A., et al.: SPHINCS+. techreport. National Institute of Standards and Technology (2020)

    Google Scholar 

  10. Hülsing, A., Butin, D., Gazdag, S.-L., Rijneveld, J., Mohaisen, A.: XMSS: eXtended Merkle Signature Scheme. RFC 8391, 1–74 (2018)

    Google Scholar 

  11. Hülsing, A., Rijneveld, J., Schwabe, P.: ARMed SPHINCS - computing a 41 KB signature in 16 KB of RAM, pp. 446–470 (2016)

    Google Scholar 

  12. Kölbl, S.: Putting wings on SPHINCS. In: Lange, T., Steinwandt, R. (eds.) PQCrypto 2018. LNCS, vol. 10786, pp. 205–226. Springer, Cham (2018).

    CrossRef  Google Scholar 

  13. Kannwischer, M.J., Rijneveld, J., Schwabe, P., Stoffelen, K.: PQM4: post-quantum crypto library for the ARM Cortex-M4.

  14. Kannwischer, M.J., Rijneveld, J., Schwabe, P., Stoffelen, K.: pqm4: testing and benchmarking NIST PQC on ARM Cortex-M4. Cryptology ePrint Archive, Report 2019/844 (2019)

    Google Scholar 

  15. Moody, D., et al.: Status report on the second round of the NIST post-quantum cryptography standardization process (2020)

    Google Scholar 

  16. McGrew, D., Curcio, M., Fluhrer, S.: Hash-based signatures. IETF Crypto Forum Research Group (2019).

  17. Merkle, R.C.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, New York (1990).

    CrossRef  Google Scholar 

  18. Paul, S., Schick, F., Seedorf, J.: TPM-based post-quantum cryptography: a case study on quantum-resistant and mutually authenticated TLS for IoT environments. In: Reinhardt, D., Müller, T. (eds.) ARES 2021, pp. 3:1–3:10. ACM (2021)

    Google Scholar 

  19. Roth, J., Karatsiolis, E., Krämer, J.: Classic McEliece implementation with low memory footprint. In: Liardet, P.-Y., Mentens, N. (eds.) CARDIS 2020. LNCS, vol. 12609, pp. 34–49. Springer, Cham (2021).

    CrossRef  Google Scholar 

  20. Trusted Computing Group. TCG PC client specific TPM interface specification (TIS). Specification Version 1.3, 1 (2013).

  21. Trusted Computing Group. Trusted Platform Module Library, Part 1: Architecture. Specification version: 1.59 Family 2.0, 1 (2019a).

  22. Trusted Computing Group. Trusted Platform Module Library, Part 3: Commands. Specification version: 1.59 Family 2.0, 1 (2019b)

    Google Scholar 

  23. Wang, W., et al.: XMSS and embedded systems. In: Paterson, K.G., Stebila, D. (eds.) SAC 2019. LNCS, vol. 11959, pp. 523–550. Springer, Cham (2020).

    CrossRef  Google Scholar 

Download references


We would like to thank Aymeric Genêt and anonymous reviewers for their valuable feedback on earlier versions of this paper. This work has been partially funded by the German Federal Ministry of Education and Research (BMBF) under the project “QuantumRISC” (IDs 16KIS1033K and 16KIS1037) and by the Taiwanese Ministry of Science and Technology (MOST) under the project 109-2221-E-001-009-MY3.

Author information

Authors and Affiliations


Corresponding authors

Correspondence to Ruben Niederhagen , Johannes Roth or Julian Wälde .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Niederhagen, R., Roth, J., Wälde, J. (2022). Streaming SPHINCS+ for Embedded Devices Using the Example of TPMs. In: Batina, L., Daemen, J. (eds) Progress in Cryptology - AFRICACRYPT 2022. AFRICACRYPT 2022. Lecture Notes in Computer Science, vol 13503. Springer, Cham.

Download citation

  • DOI:

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-17432-2

  • Online ISBN: 978-3-031-17433-9

  • eBook Packages: Computer ScienceComputer Science (R0)