Standalone stateful hash-based signatures software library

Overview

The SHSlib is a standalone stateful hash-based signatures software library, which provides signature verification for stateful hash-based signatures.

SHSlib implements SHA-256 operation in software and has hardware integration with the EIP-120. In addition, it can be integrated with another hardware SHA core for acceleration.

The library is optimized for minimal footprint and stack usage, and it is designed to be hardware and OS agnostic.

Key Features

Fast and minimal LMS and XMSS software library
Bare-metal, no OS nor HW dependencies
Hardware acceleration option for SHA-256
Single API for both HW and SW
Support for integrating third-party SW or HW SHA-256 implementation
Written in clear, highly portable C source code
Engineer-level support and regular updates provided under maintenance
Specifications
- RFC 8391: XMSS: eXtended Merkle Signature Scheme
- RFC 8554: LMS: Leighton-Micali Hash-Based Signatures
- NIST SP 800-208 – Recommendation for Stateful Hash-Based Signature Schemes
- RFC 6234: US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)
Supported Parameter Sets:
- LMS:
  - LMS_SHA256_M32_H10
  - LMS_SHA256_M32_H15
  - LMS_SHA256_M32_H20
  - LMOTS_SHA256_N32_W4
- XMSS:
  - XMSS-SHA2_10_256
  - XMSS-SHA2_16_256
  - XMSS-SHA2_20_256
Use Cases
- Secure boot
- Firmware update
- No OS, resource constrained environment
- Quantum Safe requirements for above

Technical Specifications

Request Info

Standalone stateful hash-based signatures software library

Overview

Key Features

Technical Specifications

Related IPs