Skip to content
Switch branches/tags

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

SOFIA: MQ-based signatures in the QROM

This code package contains the source code that accompanies the paper "SOFIA: MQ-based signatures in the QROM". It contains a C reference implementation and an optimized avx2 implementation, in the respective directories. The code is self-contained and does not require any external dependencies. When referring to this implementation, please refer to the original paper:

Ming-Shing Chen, Andreas Hülsing, Joost Rijneveld, Simona Samardjiska, and Peter Schwabe. SOFIA: MQ-based signatures in the QROM.

In order to verify correctness of the code, several tests are supplied. These can be called by calling make test in one of the code directories. Simply calling make builds the tests, but does not run them yet. This also runs test/speed, which provides benchmarks for the API functions (i.e. crypto_sign, crypto_sign_open and crypto_keypair), as well as numerous internal functions.

To verify compatibility between the reference code and the avx2 code, we have included a script, which iterates over all combinations of the API functions from both implementations to verify correct results. Simply call it by running ./ from the top directory.

The scripts directory contains two scripts that were used when constructing this implementation. The file was used to create and test an arrangement of rotations such that during an evaluation of the MQ function, all quadratic monomials are produced. Using, we have computed the resulting signature size for various parameter sets.


Reference and AVX2 optimized implementations of SOFIA, accompanying the paper "SOFIA: MQ-based signatures in the QROM"




No releases published


No packages published