An Efficient Software Implementation of the Hash-Based Signature Scheme MSS and Its Variants

Conference paper

DOI: 10.1007/978-3-319-22174-8_20

Part of the Lecture Notes in Computer Science book series (LNCS, volume 9230)
Cite this paper as:
de Oliveira A.K.D.S., López J. (2015) An Efficient Software Implementation of the Hash-Based Signature Scheme MSS and Its Variants. In: Lauter K., Rodríguez-Henríquez F. (eds) Progress in Cryptology -- LATINCRYPT 2015. LATINCRYPT 2015. Lecture Notes in Computer Science, vol 9230. Springer, Cham


In this work, we describe an optimized software implementation of the Merkle digital signature scheme (MSS) and its variants GMSS, XMSS and \(\mathrm{XMSS}^\mathrm{MT}\) using the vector instruction set AVX2 on Intel’s Haswell processor. Our implementation uses the multi-buffer approach to speed up key generation, signing and verification in these schemes. We selected a set of parameters to maintain a balance among security level, key sizes and signature size. We aligned these parameters with the ones used in the hash-based signature schemes LDWM and XMSS. We report the performance results of our implementation on a modern Intel Core i7 3.4 GHz. In particular, a signing operation in the XMSS scheme can be computed in 2,001,479 cycles (1,694 signatures per second) at the 128-bit security level (against quantum attacks) using the SHA2-256 hash function, a tree of height 60 and 6 layers. Our results indicate that the post-quantum hash-based signature scheme \(\mathrm{XMSS}^\mathrm{MT}\) offers high security and performance for several parameters on modern processors.


Keywords: Digital signature; Scheme XMSS; Merkle tree; Post-quantum cryptography

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Ana Karina D. S. de Oliveira (1)
  • Julio López (2)
  1. Federal University of Mato Grosso Do Sul (FACOM-UFMS), Campo Grande, Brazil
  2. State University of Campinas (IC-UNICAMP), Campinas, Brazil
