WOTS+ (Winternitz One-Time Signature)
Definition
WOTS+ is a hash-based one-time signature scheme used within SPHINCS+ and other hash-based signature systems. Each WOTS+ key pair can securely sign exactly one message. SPHINCS+ manages many WOTS+ instances through Merkle trees to enable multiple signings from one public key.
Technical Explanation
WOTS+ signs a fixed-length n-byte value (in SPHINCS+, a tree root or a FORS public key) by splitting it into base-w digits and advancing each of a set of secret chain seeds through a hash chain a digit-dependent number of steps; a checksum over the digits is appended and signed the same way, so that advancing chains further never yields a valid signature on a different value. The Winternitz parameter w trades signature size for computation: a higher w means fewer chains and therefore a smaller signature, but each chain is up to w-1 hash calls long, so key generation, signing and verification all cost more. WOTS+ (Hülsing, 2013) improves on the original WOTS by XORing a public, position-specific bitmask into the input of every chain step, which allows a security proof based on second-preimage resistance rather than collision resistance and hence shorter hash outputs for the same security level.
Security reduces to standard properties of the underlying hash function (second-preimage resistance and pseudorandomness) with no number-theoretic assumption: an attacker who sees one signature can only extend the revealed chain values forward, and the checksum ensures that no other value has digits that are all at least as large, so no second signature can be forged. The limitation is that each key pair may sign only once. SPHINCS+ resolves this by organizing many WOTS+ key pairs under Merkle-tree roots in a hypertree, so that a single root serves as the long-term public key.
SynX Relevance
Every SPHINCS+ signature in SynX internally uses WOTS+: the message digest itself is signed by FORS, a few-time scheme, and WOTS+ signs the FORS public key and each intermediate tree root on the path up the hypertree. The SPHINCS+ structure chooses which leaf to use pseudorandomly from the secret seed and the message, so users get stateless signing while WOTS+ provides the core hash-based, quantum-resistant security. This layered approach combines efficiency with robustness.
Frequently Asked Questions
- Why "one-time" if I can sign many transactions?
- SPHINCS+ manages many WOTS+ instances internally; you never reuse the same one-time key.
- What happens if a WOTS+ key is reused?
- Security is lost: two signatures under one WOTS+ key reveal chain values at different positions, and an attacker can combine them to forge signatures on further messages. SPHINCS+ is stateless and keeps no record of used keys; instead, every WOTS+ key pair in the hypertree only ever signs one fixed value (the FORS public key at its leaf, or the root of the tree below it), so a repeat simply re-signs the same value and leaks nothing. The only reuse that matters is of FORS key pairs, which are few-time by design and selected pseudorandomly from so many that harmful repeats are negligible.
- Is WOTS+ fast?
- Signing evaluates on the order of len times w hash calls (for n = 32 and w = 16 that is 67 chains of up to 15 steps each), and verification costs about the same; it's slower than lattice signatures but fast enough for transactions.
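The chaining, checksum and one-time property from the Technical Explanation above, together with the key-reuse forgery asked about in the FAQ, as an added worked example in Python. This is illustration code, not SynX's code and not the SPHINCS+ reference implementation: it fixes n = 32 and w = 16 (67 chains), replaces the specification's tweakable hash functions and PRF with a SHA-256 construction of its own that mimics the WOTS+ bitmasks, and the seeds, digests and the attacker's forge routine are all constructed here for the demonstration.

```python
"""Simplified WOTS+ (n = 32, w = 16): chaining, checksum, one-time property, reuse forgery.
Added example, not SynX's or the SPHINCS+ reference code. The chain function is an ad-hoc
SHA-256 construction in the spirit of WOTS+ bitmasks, not the specification's tweakable hash."""
import hashlib
import os

N = 32                       # hash output length in bytes
W = 16                       # Winternitz parameter
LOG_W = 4
LEN1 = 8 * N // LOG_W        # 64 message digits
LEN2 = 3                     # checksum digits: max checksum is 64 * 15 = 960 < 16**3
LEN = LEN1 + LEN2            # 67 chains in total


def _h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()


def chain(x: bytes, start: int, steps: int, pub_seed: bytes, i: int) -> bytes:
    """Advance chain i from position 'start' by 'steps' hash calls. Each step XORs a public,
    position-specific bitmask into the input before hashing (the WOTS+ idea that lets the
    proof rest on second-preimage resistance instead of collision resistance)."""
    for j in range(start, start + steps):
        addr = i.to_bytes(4, "big") + j.to_bytes(4, "big")
        mask = _h(pub_seed, b"mask", addr)
        x = _h(pub_seed, b"chain", addr, bytes(a ^ b for a, b in zip(x, mask)))
    return x


def base_w(digest: bytes) -> list[int]:
    """Split an n-byte digest into LEN1 base-w digits and append LEN2 checksum digits.
    The checksum grows exactly when message digits shrink, so no other digest has every
    digit at least as large as this one."""
    assert len(digest) == N
    digits = [d for byte in digest for d in (byte >> 4, byte & 0xF)]
    csum = sum(W - 1 - d for d in digits)
    csum_digits = [(csum >> (LOG_W * k)) & 0xF for k in reversed(range(LEN2))]
    return digits + csum_digits


def keygen(sk_seed: bytes, pub_seed: bytes) -> bytes:
    """Derive the LEN chain secrets from sk_seed, run every chain to its end, compress the ends."""
    ends = [chain(_h(sk_seed, i.to_bytes(4, "big")), 0, W - 1, pub_seed, i) for i in range(LEN)]
    return _h(pub_seed, *ends)


def sign(sk_seed: bytes, pub_seed: bytes, digest: bytes) -> list[bytes]:
    """Signature element i is chain i advanced by digit i. Anyone can continue a chain
    forward from a revealed value, but nobody can step it backwards."""
    return [chain(_h(sk_seed, i.to_bytes(4, "big")), 0, d, pub_seed, i)
            for i, d in enumerate(base_w(digest))]


def verify(pk: bytes, pub_seed: bytes, digest: bytes, sig: list[bytes]) -> bool:
    """Finish every chain from its signature element and compare against the compressed key."""
    ends = [chain(s, d, W - 1 - d, pub_seed, i)
            for i, (s, d) in enumerate(zip(sig, base_w(digest)))]
    return _h(pub_seed, *ends) == pk


def forge(pub_seed: bytes, seen: list[tuple[bytes, list[bytes]]], target: bytes):
    """Attacker: given observed (digest, signature) pairs under one key, sign 'target' if every
    chain can be reached by advancing (never rewinding) from some observed position.
    Returns None when the one-time property holds for this target."""
    want = base_w(target)
    sig = []
    for i, d in enumerate(want):
        known = [(base_w(m)[i], s[i]) for m, s in seen]   # (position, chain value) per observation
        pos, val = min(known)                               # lowest revealed position on chain i
        if pos > d:
            return None
        sig.append(chain(val, pos, d - pos, pub_seed, i))
    return sig


if __name__ == "__main__":
    sk_seed, pub_seed = os.urandom(N), os.urandom(N)
    pk = keygen(sk_seed, pub_seed)
    m1 = bytes(N)                 # constructed digests chosen so the digit patterns are visible
    m2 = b"\xff" * N
    m3 = hashlib.sha256(b"transfer 1000 SYNX").digest()
    sig1 = sign(sk_seed, pub_seed, m1)
    print("valid:", verify(pk, pub_seed, m1, sig1))
    print("forgery after one signature:", forge(pub_seed, [(m1, sig1)], m3) is not None)
    sig2 = sign(sk_seed, pub_seed, m2)   # the same key is used a second time
    f = forge(pub_seed, [(m1, sig1), (m2, sig2)], m3)
    print("forgery after two signatures:", f is not None and verify(pk, pub_seed, m3, f))
```

Running it shows that a single signature on m1 does not let the attacker sign m3: m1's digits are all zero, so its checksum is the largest possible and any other digest would need a checksum chain at a lower position than the one revealed. A second signature on m2 reveals the checksum chains at position 0, which combined with the first signature hands over every chain at its start, and m3 is forged outright. In SPHINCS+ this never arises because each WOTS+ key pair only ever signs one fixed value.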
Proven one-time signature security. Transaction signing with SynX