June 2025
These lectures describe LMS, XMSS and SPHINCS+ (SLH-DSA), the quantum-safe hash-based signature schemes that were standardized by the National Institute of Standards and Technology (NIST).
Learning outcomes
On successful completion of this course, students will be able to:
- Understand the important elements of the LMS, XMSS and SPHINCS+ signature schemes.
- Understand how LMS, XMSS and SPHINCS+ work.
- Appreciate the many optimizations that were incorporated into their design.
- Read the RFC 8554, RFC 8391 and FIPS 205 documents and fully understand them, including the technical details that were omitted from the lectures.
Note to instructors
If you are teaching a course in applied cryptography and would like to use my video lectures as a secondary source or a primary source, please send me an email message. I will be happy to arrange a meeting with you, to tell you about my experience teaching applied cryptography over the past 30 years, and we can have a discussion about the curriculum, exercises, projects, and tests for your course. If you use any of the resources (videos or slides) on this web page in your classes, please do provide your students a link to my page (cryptography101.ca).
YouTube Lectures
Full Playlist
V1: Introduction
V2: Hash functions
V3: The Lamport signature scheme
V4: Lamport signatures: problems and solutions
V5: Leighton-Micali signature scheme (LMS)
V6: SPHINCS+
Additional Material
Errata (last updated: Nov 27, 2025)
Here is a list of errors in the video lectures. These errors have already been corrected in the lecture slides (available below).
- None so far.