On this page I make the program code available that I used for my research. The code comes with no guarantee or warranty and has to be understood as proof of concept. I apologize in advance for missing comments, bugs etc pp. If I did not upload code referenced in one of my papers, simply contact me. I might not have found the time to package it, yet. If not stated otherwise (see headers in source), the code is published as public domain.

  • RapidXMSS: The code of our paper “Rapidly Verifiable XMSS Signatures” is available here: [zip]
  • SPHINCS+: The original submission package can be found on the project page Up-to-date implementations are available via our public GitHub repository.
  • XMSS and XMSS^MT: Reference implementation of our internet draft. The package contains the very basic but inefficient reference implementation (see xmss.c) as well as an efficient but more complicated implementation (see xmss_fast.c).
    • Continuously updated github repository: [link]
    • (Deprecated) Implementation of  version 06 (still applies to 07 and 08): [tar.gz]
    • (Deprecated) Implementation of  version 03: [tar.gz]
    • (Deprecated) Implementation of version 01: [tar.gz]
  • From 5-pass MQ-based identification to MQ-based signatures: The implementations can be found on Joost’s homepage.
  • Mitigating Multi-Target Attacks: The code that we used for our experiments can be found on Joost’s homepage.
  • ARMed SPHINCS: You find the code on Joost’s homepage.
  • SPHINCS: See the project page.
  • Parameter optimization for XMSS^MT: You can download the code here [rar]
  • XMSS and XMSS^MT: (Deprecated) An old implementation of the original schemes as described in my thesis and in papers from before 2014. Note that this is not the reference implementation for the Internet Draft. It is just here to keep my old results verifiable: [tgz]