Additional Parameter sets for LMS Hash-Based Signatures

The information below is for an old version of the document
Document Type Expired Internet-Draft (individual)
Authors Scott Fluhrer  , Quynh Dang 
Last updated 2020-09-20 (latest revision 2020-03-19)
Stream (None)
Expired & archived
plain text xml pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This note extends LMS (RFC 8554) by defining parameter sets by including additional hash functions. Hese include hash functions that result in signatures with significantly smaller than the signatures using the current parameter sets, and should have sufficient security. This document is a product of the Crypto Forum Research Group (CFRG) in the IRTF.


Scott Fluhrer (
Quynh Dang (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)