Use simple SPHINCS+ parameters

Simple ones are more than enough good for security and highly simplifier
verification code.

diff --git a/go/cm/sign/spx/kp.go b/go/cm/sign/spx/kp.go
index 0a9c0b86cfc226918480106b6e63d4e64c74f6fe6472060ca630385b33c174a7..5359c61da8f0a78f28c736a2a712e9058470b75b401cc45f2d047fa432cd8972 100644 (file)
--- a/go/cm/sign/spx/kp.go
+++ b/go/cm/sign/spx/kp.go
@@ -26,7 +26,7 @@ const (
        SPHINCSPlusSHAKE256sMerkle = "sphincs+-shake-256s-merkle"
 )
 
-var Params = spxParams.MakeSphincsPlusSHAKE256256sRobust(true)
+var Params = spxParams.MakeSphincsPlusSHAKE256256sSimple(true)
 
 func NewKeypair(algo string) (prv, pub []byte, err error) {
        sk, pk := spx.Spx_keygen(Params)

diff --git a/spec/cm/prv.texi b/spec/cm/prv.texi
index d00294a1b56a7dad0538fae3a03c27bb87686961638dacbb5b347d5cc836ee4d..cc191a4e6bc3ce84062a24e1dc3c272861a78548cf2515e96489f13c8666fd74 100644 (file)
--- a/spec/cm/prv.texi
+++ b/spec/cm/prv.texi
@@ -53,12 +53,12 @@ Stored in a file, it should begin with "cm/prv" @ref{MAGIC, magic}.
 
 @node cm-prv-sphincs+-shake-256s
 @cindex cm-prv-sphincs+-shake-256s
-@nodedescription cm/prv with SPHINCS+-SHAKE256-256s-robust
-@subsection cm/prv with SPHINCS+-SHAKE256-256s-robust
+@nodedescription cm/prv with SPHINCS+-SHAKE256-256s
+@subsection cm/prv with SPHINCS+-SHAKE256-256s
 
     @url{https://sphincs.org/, SPHINCS+} with
     @url{https://keccak.team/, SHAKE256} hash,
-    255-bit security level, small signatures and robust parameters.
+    255-bit security level, small signatures and simple parameters.
     Value is concatenation of private and public keys (128+64 bytes).
 
     Algorithm identifier for the public key: @code{sphincs+-shake-256s}.

diff --git a/spec/cm/pub.texi b/spec/cm/pub.texi
index f922522d6de2778352c38f360fbe1216458a84732d16b1b970f2da6114d51ef1..7a4819b706d4afd21fc4b7ae6927829853eb29a0a3bfaba07d0eced8e85ada76 100644 (file)
--- a/spec/cm/pub.texi
+++ b/spec/cm/pub.texi
@@ -193,12 +193,12 @@ MAP {
 
 @node cm-pub-sphincs+-shake-256s
 @cindex cm-pub-sphincs+-shake-256s
-@nodedescription cm/pub with SPHINCS+-SHAKE256-256s-robust
-@subsection cm/pub with SPHINCS+-SHAKE256-256s-robust
+@nodedescription cm/pub with SPHINCS+-SHAKE256-256s
+@subsection cm/pub with SPHINCS+-SHAKE256-256s
 
     @url{https://sphincs.org/, SPHINCS+} with
     @url{https://keccak.team/, SHAKE256} hash,
-    255-bit security level, small signatures and robust parameters.
+    255-bit security level, small signatures and simple parameters.
 
     @code{sphincs+-shake-256s} algorithm identifier is used.
 

diff --git a/spec/cm/signed.texi b/spec/cm/signed.texi
index 1bf94e59af4a13072a18f5c5e24ac143a53368a4774ce787cfb0a7d83a7e6fa9..10153320c6d9c3f43d028119905343437b529d9ad6f0dde881cf4aa8fc499b14 100644 (file)
--- a/spec/cm/signed.texi
+++ b/spec/cm/signed.texi
@@ -119,13 +119,13 @@ recipient's public key fingerprint(s).
 @node cm-signed-sphincs+-shake-256s
 @cindex cm-signed-sphincs+-shake-256s
 @cindex cm-signed-sphincs+-shake-256s-ph
-@nodedescription cm/signed with SPHINCS+-SHAKE256-256s-robust
-@subsection cm/signed with SPHINCS+-SHAKE256-256s-robust
+@nodedescription cm/signed with SPHINCS+-SHAKE256-256s
+@subsection cm/signed with SPHINCS+-SHAKE256-256s
 
     @url{https://sphincs.org/, SPHINCS+} with
     @url{https://keccak.team/, SHAKE256} hash,
     255-bit security level, small signatures,
-    robust parameters and deterministic signatures.
+    simple parameters and deterministic signatures.
 
     @code{sphincs+-shake-256s} algorithm identifier
     must be used for the signature in pure signing mode.