• Introduce XMSS cache.
• Clarify the purpose of random generators.
• SPHINCS+ now can be used as digital signature algorithm through OpenSSL EVP interface.
• Add optional SPHINCS+ OpenSSL engine to package.
• XMSS cache gives a huge impact on the performance of the sign method after the cache is initialized.
Cached vs not_cached performance:
- 0.01s vs 3.29s with sha256_h10 parameter set.
- 0.02s vs 5920.65s with gost256_h20 parameter set.
If the cache is enabled, cache initialization is performed on the first call of generate_keys or sign methods. The cache life cycle is the same as PQLR context life cycle. Cache size is determined by XMSS Merkle tree height (parameter h). With height 10 cache size is around 84 KB, with height 20 cache size is around 84 MB.
• Securely erase buffers with sensitive data.
• Update Doxygen documentation style.