{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,6]],"date-time":"2026-04-06T10:22:04Z","timestamp":1775470924602,"version":"3.50.1"},"publisher-location":"Cham","reference-count":47,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031400025","type":"print"},{"value":"9783031400032","type":"electronic"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-40003-2_24","type":"book-chapter","created":{"date-parts":[[2023,8,9]],"date-time":"2023-08-09T13:03:04Z","timestamp":1691586184000},"page":"658-687","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["Faulting Winternitz One-Time Signatures to\u00a0Forge LMS, XMSS, or\u00a0$$\\text {SPHINCS}^{+}$$ Signatures"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2853-3063","authenticated-orcid":false,"given":"Alexander","family":"Wagner","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0002-8481-9103","authenticated-orcid":false,"given":"Vera","family":"Wesselkamp","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7822-2880","authenticated-orcid":false,"given":"Felix","family":"Oberhansl","sequence":"additional","affiliation":[]},{"given":"Marc","family":"Schink","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0204-3234","authenticated-orcid":false,"given":"Emanuele","family":"Strieder","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,8,10]]},"reference":[{"key":"24_CR1","unstructured":"Atilano, E., de Grandmaison, A., Heydemann, K., Bouffard, G.: Assessing the effectiveness of MCUboot protections against fault injection attacks"},{"key":"24_CR2","doi-asserted-by":"crossref","unstructured":"Amiet, D., Leuenberger, L., Curiger, A., Zbinden, P.: FPGA-based SPHINCS$$^+$$ implementations: mind the glitch. In: 2020 23rd Euromicro Conference on Digital System Design (DSD), pp. 229\u2013237 (2020)","DOI":"10.1109\/DSD51259.2020.00046"},{"key":"24_CR3","unstructured":"ANSSI: ANSSI views on the Post-Quantum Cryptography transition (2022). https:\/\/www.ssi.gouv.fr\/en\/publication\/anssi-views-on-the-post-quantum-cryptography-transition\/"},{"key":"24_CR4","unstructured":"Aumasson, J.-P.: Too much crypto (2019). https:\/\/eprint.iacr.org\/2019\/1492.pdf"},{"key":"24_CR5","unstructured":"Ban, T.: HW Fault Injection Mitigation - Trusted Firmware M. https:\/\/www.trustedfirmware.org\/docs\/TF-M_fault_injection_mitigation.pdf"},{"key":"24_CR6","doi-asserted-by":"crossref","unstructured":"Buchmann, J., Dahmen, E., Ereth, S., H\u00fclsing, A., R\u00fcckert, M.: On the security of the Winternitz one-time signature scheme. Cryptology ePrint Archive, Paper 2011\/191 (2011). https:\/\/eprint.iacr.org\/2011\/191","DOI":"10.1007\/978-3-642-21969-6_23"},{"key":"24_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/978-3-540-72738-5_3","volume-title":"Applied Cryptography and Network Security","author":"J Buchmann","year":"2007","unstructured":"Buchmann, J., Dahmen, E., Klintsevich, E., Okeya, K., Vuillaume, C.: Merkle signatures with virtually unlimited signature capacity. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 31\u201345. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-72738-5_3"},{"issue":"2","key":"24_CR8","doi-asserted-by":"publisher","first-page":"199","DOI":"10.46586\/tches.v2019.i2.199-224","volume":"2019","author":"C Bozzato","year":"2019","unstructured":"Bozzato, C., Focardi, R., Palmarini, F.: Shaping the glitch: optimizing voltage fault injection attacks. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2019(2), 199\u2013224 (2019)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"24_CR9","doi-asserted-by":"crossref","unstructured":"Bos, J.W., H\u00fclsing, A., Renes, J., Van Vredendaal, C.: Rapidly verifiable XMSS signatures, pp. 137\u2013168 (2021)","DOI":"10.46586\/tches.v2021.i1.137-168"},{"key":"24_CR10","unstructured":"Bitmain Antminer S19 XP (140Th) profitability (2022). https:\/\/www.asicminervalue.com\/miners\/bitmain\/antminer-s19-xp-140th"},{"key":"24_CR11","unstructured":"Brown, D.: Post-quantum cryptography. https:\/\/github.com\/mcu-tools\/mcuboot\/discussions\/1099?sort=top"},{"key":"24_CR12","unstructured":"BSI: BSI - Technische Richtlinie: Kryptographische Verfahren: Empfehlungen und Schluessellaengen (2022). https:\/\/www.bsi.bund.de\/SharedDocs\/Downloads\/DE\/BSI\/Publikationen\/TechnischeRichtlinien\/TR02102\/BSI-TR-02102.pdf?__blob=publicationFile"},{"key":"24_CR13","doi-asserted-by":"crossref","unstructured":"Cooper, D.A., Apon, D.C., Dang, Q.H., Davidson, M.S., Dworkin, M.J., Miller, C.A.: Recommendation for stateful hash-based signature schemes (2020)","DOI":"10.6028\/NIST.SP.800-208"},{"key":"24_CR14","unstructured":"Cisco: Post quantum trust anchors (2019). https:\/\/www.cisco.com\/c\/dam\/en_us\/about\/doing_business\/trust-center\/docs\/post-quantum-trust-anchors-wp.pdf"},{"key":"24_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"165","DOI":"10.1007\/978-3-319-79063-3_8","volume-title":"Post-Quantum Cryptography","author":"L Castelnovi","year":"2018","unstructured":"Castelnovi, L., Martinelli, A., Prest, T.: Grafting trees: a fault attack against the SPHINCS framework. In: Lange, T., Steinwandt, R. (eds.) PQCrypto 2018. LNCS, vol. 10786, pp. 165\u2013184. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-79063-3_8"},{"key":"24_CR16","unstructured":"Croley, S.: Hashcat v6.1.1 benchmark on the Nvidia RTX 3090 (2020). https:\/\/gist.github.com\/Chick3nman\/32e662a5bb63bc4f51b847bb422222fd"},{"key":"24_CR17","unstructured":"Croley, S.: Hashcat v6.2.6 benchmark on the Nvidia RTX 4090 (2022). https:\/\/gist.github.com\/Chick3nman\/32e662a5bb63bc4f51b847bb422222fd"},{"key":"24_CR18","doi-asserted-by":"crossref","unstructured":"Fahr, M., et al.: When Frodo Flips: end-to-end key recovery on FrodoKEM via Rowhammer. In: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, Los Angeles, CA, USA, November 2022, pp. 979\u2013993. ACM (2022)","DOI":"10.1145\/3548606.3560673"},{"key":"24_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"299","DOI":"10.1007\/978-3-319-72565-9_15","volume-title":"Selected Areas in Cryptography \u2013 SAC 2017","author":"L Groot Bruinderink","year":"2018","unstructured":"Groot Bruinderink, L., H\u00fclsing, A.: \u201cOops, i did it again\u2019\u2019 \u2013 security of one-time signatures under two-message attacks. In: Adams, C., Camenisch, J. (eds.) SAC 2017. LNCS, vol. 10719, pp. 299\u2013322. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-72565-9_15"},{"key":"24_CR20","unstructured":"IT Security Solutions From Genua Withstand Attacks With Quantum Computers (2020). https:\/\/www.genua.eu\/knowledge-base\/it-security-solutions-from-genua-withstand-attacks-with-quantum-computers"},{"key":"24_CR21","doi-asserted-by":"crossref","unstructured":"Gen\u00eat, A.: On protecting SPHINCS+ against fault attacks. IACR Trans. Cryptogr. Hardw. Embed. Syst. 80\u2013114 (2023)","DOI":"10.46586\/tches.v2023.i2.80-114"},{"key":"24_CR22","unstructured":"Gen\u00eat, A., Kannwischer, M.J., Pelletier, H., McLauchlan, A.: Practical fault injection attacks on SPHINCS (2018). https:\/\/eprint.iacr.org\/2018\/674"},{"key":"24_CR23","unstructured":"https:\/\/groups.google.com\/a\/list.nist.gov\/g\/pqc-forum\/c\/LUczQNCw7HA\/m\/f50WvA3RBAAJ"},{"key":"24_CR24","unstructured":"Gratchoff, J., Timmers, N., Spruyt, A., Chmielewski, L.: Proving the wild jungle jump. Technical report, University of Amsterdam (2015)"},{"key":"24_CR25","unstructured":"H\u00fclsing, A., et al.: SPHINCS+ - submission to the NIST post-quantum project, vol. 3 (2020). https:\/\/csrc.nist.gov\/projects\/post-quantum-cryptography\/round-3-submissions"},{"key":"24_CR26","doi-asserted-by":"crossref","unstructured":"Huelsing, A., Butin, D., Gazdag, S., Rijneveld, J., Mohaisen, A.: XMSS: eXtended Merkle signature scheme (2018). https:\/\/datatracker.ietf.org\/doc\/html\/rfc8391","DOI":"10.17487\/RFC8391"},{"key":"24_CR27","doi-asserted-by":"crossref","unstructured":"Hauschild, F., Garb, K., Auer, L., Selmke, B., Obermaier, J.: ARCHIE: A QEMU-Based framework for architecture-independent evaluation of faults. In: 2021 Workshop on Fault Detection and Tolerance in Cryptography (FDTC), pp. 20\u201330 (2021)","DOI":"10.1109\/FDTC53659.2021.00013"},{"key":"24_CR28","doi-asserted-by":"crossref","unstructured":"H\u00fclsing, A., Kudinov, M.: Recovering the tight security proof of $$SPHINCS^{+}$$. Cryptology ePrint Archive, Paper 2022\/346 (2022). https:\/\/eprint.iacr.org\/2022\/346","DOI":"10.1007\/978-3-031-22972-5_1"},{"issue":"3","key":"24_CR29","doi-asserted-by":"publisher","first-page":"22","DOI":"10.46586\/tches.v2020.i3.22-72","volume":"2020","author":"J Heyszl","year":"2020","unstructured":"Heyszl, J., et al.: Investigating profiled side-channel attacks against the DES key schedule. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2020(3), 22\u201372 (2020)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"24_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"173","DOI":"10.1007\/978-3-642-38553-7_10","volume-title":"Progress in Cryptology \u2013 AFRICACRYPT 2013","author":"A H\u00fclsing","year":"2013","unstructured":"H\u00fclsing, A.: W-OTS+ \u2013 shorter signatures for hash-based signature schemes. In: Youssef, A., Nitaj, A., Hassanien, A.E. (eds.) AFRICACRYPT 2013. LNCS, vol. 7918, pp. 173\u2013188. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38553-7_10"},{"key":"24_CR31","doi-asserted-by":"crossref","unstructured":"Kumar, V.B.Y., Gupta, N., Chattopadhyay, A., Kasper, M., Krau\u00df, C., Niederhagen, R.: Post-quantum secure boot. In: 2020 Design, Automation Test in Europe Conference Exhibition (DATE), pp. 1582\u20131585 (2020)","DOI":"10.23919\/DATE48585.2020.9116252"},{"key":"24_CR32","doi-asserted-by":"crossref","unstructured":"Kudinov, M., H\u00fclsing, A., Ronen, E., Yogev, E.: SPHINCS+C: compressing SPHINCS+ with (almost) no cost. Cryptology ePrint Archive, Paper 2022\/778 (2022). https:\/\/eprint.iacr.org\/2022\/778","DOI":"10.1109\/SP46215.2023.10179381"},{"key":"24_CR33","doi-asserted-by":"crossref","unstructured":"Kampanakis, P., Panburana, P., Curcio, M., Shroff, C., Alam, M.: Post-quantum LMS and SPHINCS+ hash-based signatures for UEFI secure boot, p. 22 (2021)","DOI":"10.1007\/978-3-030-72725-3_5"},{"key":"24_CR34","unstructured":"Moody, D., et al.: Status report on the third round of the NIST post-quantum cryptography standardization process (2022)"},{"key":"24_CR35","unstructured":"MCUboot documentation. https:\/\/docs.mcuboot.com\/"},{"key":"24_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"218","DOI":"10.1007\/0-387-34805-0_21","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 89 Proceedings","author":"RC Merkle","year":"1990","unstructured":"Merkle, R.C.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218\u2013238. Springer, New York (1990). https:\/\/doi.org\/10.1007\/0-387-34805-0_21"},{"key":"24_CR37","doi-asserted-by":"crossref","unstructured":"McGrew, D., Fluhrer, S., Curcio, M.: Leighton-Micali hash-based signatures (2019). https:\/\/datatracker.ietf.org\/doc\/html\/rfc8554","DOI":"10.17487\/RFC8554"},{"key":"24_CR38","unstructured":"O\u2019Flynn, C.: MIN()imum failure: EMFI attacks against USB stacks. In: 13th USENIX Workshop on Offensive Technologies (WOOT 2019), Santa Clara, CA, August 2019. USENIX Association (2019)"},{"key":"24_CR39","doi-asserted-by":"crossref","unstructured":"Obermaier, J., Specht, R., Sigl, G.: Fuzzy-glitch: a practical ring oscillator based clock glitch attack. In: 2017 International Conference on Applied Electronics (AE), pp. 1\u20136 (2017)","DOI":"10.23919\/AE.2017.8053601"},{"key":"24_CR40","unstructured":"Philipoom, J.: Request for feedback on possible SPHINCS+ variant (2022). https:\/\/groups.google.com\/a\/list.nist.gov\/g\/pqc-forum\/c\/LUczQNCw7HA\/m\/f50WvA3RBAAJ"},{"key":"24_CR41","unstructured":"Raimbault, G.: Welcome to a new generation of future-proof TPMs: OPTIGA TPM SLB 9672 (2022). https:\/\/www.infineon.com\/dgdl\/Infineon-OPTIGA-TPM-SLB9672.pdf?fileId=8ac78c8b7e7122d1017f071c3f6b00d2"},{"key":"24_CR42","unstructured":"Roth, T.: TrustZone-M(eh): Breaking ARMv8-M\u2019s security (2019)"},{"key":"24_CR43","unstructured":"Sondero: Hashcat v5.1.0 benchmark on the Intel(R) Core(TM) i7-9700K (2019). https:\/\/hashcat.net\/forum\/thread-9042-post-47927.html#pid47927"},{"key":"24_CR44","doi-asserted-by":"crossref","unstructured":"Selmke, B., Zinnecker, K., Koppermann, P., Miller, K., Heyszl, J., Sigl, G.: Locked out by latch-up? An empirical study on laser fault injection into Arm Cortex-M processors. In: 2018 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), Amsterdam, Netherlands, September 2018, pp. 7\u201314. IEEE (2018)","DOI":"10.1109\/FDTC.2018.00010"},{"key":"24_CR45","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"126","DOI":"10.1007\/978-3-642-38348-9_8","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2013","author":"N Veyrat-Charvillon","year":"2013","unstructured":"Veyrat-Charvillon, N., G\u00e9rard, B., Standaert, F.-X.: Security evaluations beyond computing power. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 126\u2013141. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38348-9_8"},{"key":"24_CR46","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"523","DOI":"10.1007\/978-3-030-38471-5_21","volume-title":"Selected Areas in Cryptography \u2013 SAC 2019","author":"W Wang","year":"2020","unstructured":"Wang, W., Jungk, B., W\u00e4lde, J., Deng, S., Gupta, N., Szefer, J., Niederhagen, R.: XMSS and embedded systems. In: Paterson, K.G., Stebila, D. (eds.) SAC 2019. LNCS, vol. 11959, pp. 523\u2013550. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-38471-5_21"},{"key":"24_CR47","doi-asserted-by":"crossref","unstructured":"Wagner, A., Oberhansl, F., Schink, M.: To be, or not to be stateful: post-quantum secure boot using hash-based signatures. In: Proceedings of the 2022 Workshop on Attacks and Solutions in Hardware Security, ASHES 2022, pp. 85\u201394. Association for Computing Machinery, New York (2022)","DOI":"10.1145\/3560834.3563831"}],"container-title":["Lecture Notes in Computer Science","Post-Quantum Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-40003-2_24","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,8,9]],"date-time":"2023-08-09T13:05:57Z","timestamp":1691586357000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-40003-2_24"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031400025","9783031400032"],"references-count":47,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-40003-2_24","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"10 August 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"PQCrypto","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Post-Quantum Cryptography","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"College Park, MD","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 August 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 August 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"pqcrypto2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/pqcrypto2023.umiacs.io\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"51","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"25","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"49% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.16","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.30","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}