2025-08-26
In this #KEYMASTER episode, David Hook, VP of Software Engineering for Bouncy Castle, and Sven Rajala, International PKI Man of Mystery, discuss the complexities of stateless post-quantum cryptographic (PQC) digital signatures. They start by exploring what it means for a signature algorithm to be “stateless,” contrasting it with earlier stateful algorithms like XMSS and LMS. The conversation then dives into the two stateless NIST standard algorithms, ML-DSA (Modular Lattice Digital Signature Algorithm) and SLH-DSA (Stateless Hash-Based Digital Signature Algorithm), discussing the difference between their pure and hash-based variants, their internal structures, and practical implementation considerations.
A major highlight is the discussion on the external MU calculation option for ML-DSA, a critical workaround for constrained environments like HSMs, where message sizes might be too large to handle directly. Unfortunately, SLH-DSA lacks a similar mechanism, making its usage more limited in such contexts unless a pre-hash variant is used. The episode ends with reflections on practical implications for systems like CMS and CRLs.
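A sketch of the external mu idea, added here as an illustration (it is not code from the episode or from Bouncy Castle): following the FIPS 204 definition for pure ML-DSA, the host streams the large message through SHAKE256 and only the 64-byte mu would need to reach the constrained signer. The function names and the placeholder public key are assumptions constructed for this example.

```python
import hashlib
import io


def public_key_hash(pk: bytes) -> bytes:
    """tr = SHAKE256(pk, 64): the public key hash defined in FIPS 204."""
    return hashlib.shake_256(pk).digest(64)


def external_mu(pk: bytes, stream, ctx: bytes = b"", chunk: int = 1 << 16) -> bytes:
    """Compute mu = SHAKE256(tr || M', 64) outside the signing device.

    For pure ML-DSA, M' = 0x00 || len(ctx) || ctx || M. The message M is read
    from `stream` in chunks, so it never has to fit in memory at once.
    """
    if len(ctx) > 255:
        raise ValueError("context string must be at most 255 bytes")
    h = hashlib.shake_256()
    h.update(public_key_hash(pk))         # binds mu to one public key
    h.update(bytes([0, len(ctx)]) + ctx)  # domain separator 0x00 = pure variant
    while True:
        block = stream.read(chunk)
        if not block:
            break
        h.update(block)
    return h.digest(64)


if __name__ == "__main__":
    # Constructed placeholder with the ML-DSA-44 public key length (1312 bytes).
    # It is not a real key; mu only depends on the key's byte encoding.
    pk = bytes(range(256)) * 5 + bytes(32)
    # Constructed 8 MiB artifact standing in for a large CRL or CMS payload.
    artifact = io.BytesIO(b"\xa5" * (8 * 1024 * 1024))
    mu = external_mu(pk, artifact)
    print(f"hashed 8 MiB on the host, {len(mu)} bytes go to the signer")
    print(mu.hex())
```

Because mu depends on tr, the host must hold the signer's public key before hashing, and a mu computed for one key is useless for another.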
This episode offers a practical and accessible look at how stateless PQC signature schemes are evolving to meet real-world needs. By understanding the differences between ML-DSA and SLH-DSA, and how features like external MU can ease adoption in constrained systems, implementers are better equipped to plan for a quantum-resistant future. Whether you are integrating into HSMs or managing signatures for large artifacts, this discussion provides crucial insights for navigating post-quantum cryptographic transitions.