Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


Side Channel Resistant SPHINCS+

April 10, 2024


Scott Fluhrer - Cisco


Here is a potential way to create a SLH-DSA-like key generation/signer that aspires to be resistant to DPA side channel attacks. We say that it is “SLH-DSA-like”, because it does not follow the FIPS 205 method of generating signatures (in particular, it does not have the same mapping from private key, messages, opt rand to signatures), however it does generate public keys and signatures that are compatible with the standard signature verification method, and with the same security (with a small security loss against side channel attacks). In our tests, this idea performed 1.7 times slower compared to an unprotected version.

Presented at

5th PQC Standardization Conference (2024) [in-person]

Event Details


    The NIST PQC conference will be held at the:
    Hilton Washington DC/Rockville Hotel
    1750 Rockville Pike
    Rockville, MD 20852

Related Topics

Security and Privacy: post-quantum cryptography

Created April 10, 2024, Updated April 11, 2024