(2026-04) A tight security analysis of the FIPS-205 standard (SLH-DSA)
2026-04-01
The SPHINCS+ framework, recently standardized by NIST as SLH-DSA (FIPS 205), is a leading stateless hash-based signature scheme for the post-quantum era. Concrete-security evaluation of SPHINCS+ faces a trade-off: tight bounds require a conjectural multi-target decisional second-preimage resistance (SM-DSPR), while fully proven bounds incur substantial looseness. In this paper, we refine the concrete security analysis of SPHINCS+ by eliminating this heuristic reliance. In our approach, we analyze the SM-openPRE and SM-PRE properties instead of relying on SM-DSPR. By utilizing a precise probabilistic simulation technique, we restrict the multi-target tightness degradation exclusively to the maximum number of practically revealed targets rather than the total theoretical targets. When applied to the SLH-DSA parameter sets, our conjecture-free approach bridges the theoretical gap, recovering up to 18 bits of classical security and 9 bits of quantum security compared to the NIST loose evaluation. Our results establish a provable bound for the practical security of SLH-DSA without relying on optimistic multi-target assumptions.