SLH-DSA-SHAKE-256f Security API

Version: 1.0.0
Last Updated: 2025-01-02
Security Classification: Stateless Hash-Based Signature
Author: MetaMUI Security Team

Overview

SLH-DSA-SHAKE-256f uses SHAKE256 for enhanced security, providing 256-bit security level with stateless operation.

• Algorithm Family: Hash-based signature
• NIST Security Level: Level 5 (256-bit security)
• Key Sizes:
  • Public Key: 64 bytes
  • Secret Key: 128 bytes
  • Signature: 29792 bytes (fast variant)
• Standard: FIPS 205

Security Warnings ⚠️

1. Very Large Signatures: 29792 bytes per signature
2. Maximum Security: 256-bit post-quantum security
3. SHAKE256-based: Uses Keccak sponge construction
4. Bandwidth Consideration: Not suitable for constrained networks

API Functions

Similar to SLH-DSA-SHA2-128f with SHAKE256 and level 5 parameters.

Security Analysis

Threat Model: SLH-DSA-SHAKE-256f Threat Model

The comprehensive threat analysis covers:

• Algorithm-specific attack vectors
• Implementation vulnerabilities
• Side-channel considerations
• Quantum resistance analysis (where applicable)
• Deployment recommendations

For complete security analysis and risk assessment, see the dedicated threat model documentation.

References

1. FIPS 205: Stateless Hash-Based Digital Signature Standard

---

Back to Algorithm Security APIs