Stateful Hash-Based Signature (SHBS) Benchmark Data for XMSS and LMS

TL;DR

This work addresses the need to understand how SHBS parameter choices affect long-term, quantum-resistant signatures by providing a comprehensive benchmark dataset for XMSS, XMSSMT, LMS, and HSS, with SPHINCS+ and ECDSA included for reference. The authors generate cross-parameter benchmarks using libOQS on a common x86 platform, reporting metrics such as $log_2(N)$ (Number of Signatures), Signature Length, Public Key Length, Secret Key Length, and Validation Time in $M$-Cycles to characterize tradeoffs. The contribution is a practical data resource that aids system designers in balancing signature distribution, storage, and validation workloads when deploying centralized signing in distributed environments, under varying hardware and compiler conditions. The findings emphasize that parameter selection materially impacts resource usage and that results are platform-dependent, guiding engineers to tailor SHBS configurations to their specific deployment constraints and hardware accelerators. Overall, the dataset enhances the ability to plan secure, scalable software update and authentication infrastructures in a post-quantum world.

Abstract

The National Institute of Standards and Technology (NIST) has recommended the use of stateful hash-based digital signatures for long-term applications that may require protection from future threats that use quantum computers. XMSS and LMS, the two approved algorithms, have multiple parameter options that impact digital signature size, public key size, the number of signatures that can be produced over the life of a keypair, and the computational effort to validate signatures. This collection of benchmark data is intended to support system designers in understanding the differences among the configuration options.