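I. OID Naming Structure
1. Pure Mode
The original message is signed directly. The OID name has the format:
```
id-slh-dsa-<hash-family>-<security-level><variant>
```
where:
- <hash-family>: sha2 or shake
- <security-level>: 128, 192, or 256
- <variant>: s (small, optimized for signature size) or f (fast, optimized for signing and key-generation speed)
Examples:
- id-slh-dsa-sha2-128s
- id-slh-dsa-shake-256f
These OIDs fall within the sigAlgs (20-31) range under nistAlgorithms (2.16.840.1.101.3.4.3).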
2. Pre-hash Mode (Hashed Mode)
The message is first hashed with the specified hash function, and the resulting digest is then signed. The OID name has the format:
```
id-hash-slh-dsa-<hash-family>-<security-level><variant>-with-<prehash-alg>
```
where <prehash-alg> must match the security level:
- 128-bit security → SHA-256 or SHAKE128
- 192-bit security → SHA-384 or SHAKE192
- 256-bit security → SHA-512 or SHAKE256
Examples:
- id-hash-slh-dsa-sha2-128s-with-sha256
- id-hash-slh-dsa-shake-256f-with-shake256
These OIDs fall within the 35-46 range of nistAlgorithms.sigAlgs (2.16.840.1.101.3.4.3).
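II. Complete OID List (Grouped by Security Level)
SLH-DSA algorithm
SLH-DSA (Stateless Hash-Based Digital Signature Algorithm) is the post-quantum digital signature algorithm that NIST formally standardized in FIPS 205. Its OIDs (object identifiers) are assigned by the NIST CSOR (Computer Security Objects Registry) and uniquely identify the different parameter sets and operating modes in cryptographic protocols such as X.509 PKI and CMS.
| Security level | Mode | Hash family | Variant | OID name | Example OID (dotted decimal) |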
|---|---|---|---|---|---|
| 128 | Pure | sha2 | s | id-slh-dsa-sha2-128s | 2.16.840.1.101.3.4.3.20 |
| 128 | Pure | sha2 | f | id-slh-dsa-sha2-128f | 2.16.840.1.101.3.4.3.21 |
| 128 | Pure | shake | s | id-slh-dsa-shake-128s | 2.16.840.1.101.3.4.3.22 |
| 128 | Pure | shake | f | id-slh-dsa-shake-128f | 2.16.840.1.101.3.4.3.23 |
| 192 | Pure | sha2 | s | id-slh-dsa-sha2-192s | 2.16.840.1.101.3.4.3.24 |
| 192 | Pure | sha2 | f | id-slh-dsa-sha2-192f | 2.16.840.1.101.3.4.3.25 |
| 192 | Pure | shake | s | id-slh-dsa-shake-192s | 2.16.840.1.101.3.4.3.26 |
| 192 | Pure | shake | f | id-slh-dsa-shake-192f | 2.16.840.1.101.3.4.3.27 |
| 256 | Pure | sha2 | s | id-slh-dsa-sha2-256s | 2.16.840.1.101.3.4.3.28 |
| 256 | Pure | sha2 | f | id-slh-dsa-sha2-256f | 2.16.840.1.101.3.4.3.29 |
| 256 | Pure | shake | s | id-slh-dsa-shake-256s | 2.16.840.1.101.3.4.3.30 |
| 256 | Pure | shake | f | id-slh-dsa-shake-256f | 2.16.840.1.101.3.4.3.31 |
| 128 | Prehash | sha2 | s | id-hash-slh-dsa-sha2-128s-with-sha256 | 2.16.840.1.101.3.4.3.35 |
| 128 | Prehash | sha2 | f | id-hash-slh-dsa-sha2-128f-with-sha256 | 2.16.840.1.101.3.4.3.36 |
| 128 | Prehash | shake | s | id-hash-slh-dsa-shake-128s-with-shake128 | 2.16.840.1.101.3.4.3.37 |
| 128 | Prehash | shake | f | id-hash-slh-dsa-shake-128f-with-shake128 | 2.16.840.1.101.3.4.3.38 |
| 192 | Prehash | sha2 | s | id-hash-slh-dsa-sha2-192s-with-sha384 | 2.16.840.1.101.3.4.3.39 |
| 192 | Prehash | sha2 | f | id-hash-slh-dsa-sha2-192f-with-sha384 | 2.16.840.1.101.3.4.3.40 |
| 192 | Prehash | shake | s | id-hash-slh-dsa-shake-192s-with-shake192 | 2.16.840.1.101.3.4.3.41 |
| 192 | Prehash | shake | f | id-hash-slh-dsa-shake-192f-with-shake192 | 2.16.840.1.101.3.4.3.42 |
| 256 | Prehash | sha2 | s | id-hash-slh-dsa-sha2-256s-with-sha512 | 2.16.840.1.101.3.4.3.43 |
| 256 | Prehash | sha2 | f | id-hash-slh-dsa-sha2-256f-with-sha512 | 2.16.840.1.101.3.4.3.44 |
| 256 | Prehash | shake | s | id-hash-slh-dsa-shake-256s-with-shake256 | 2.16.840.1.101.3.4.3.45 |
| 256 | Prehash | shake | f | id-hash-slh-dsa-shake-256f-with-shake256 | 2.16.840.1.101.3.4.3.46 |
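
To show how the two ranges stated in section I are used when reading an algorithm identifier, the following added example (not from the original page or from NIST) DER-encodes and strictly decodes an OID, then classifies it as pure or pre-hash SLH-DSA by its last arc. The function names are hypothetical; the arc and the 20-31 and 35-46 ranges are the ones stated on this page.

```python
SIG_ALGS = (2, 16, 840, 1, 101, 3, 4, 3)  # sigAlgs arc as quoted on this page
PURE = range(20, 32)      # pure-mode range stated on this page (20-31)
PREHASH = range(35, 47)   # pre-hash range stated on this page (35-46)

def encode_oid(dotted):
    """DER-encode a dotted-decimal OID (tag 0x06, short-form length only)."""
    arcs = [int(a) for a in dotted.split(".")]
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError("invalid first two arcs")
    body = bytearray()
    for value in [40 * arcs[0] + arcs[1]] + arcs[2:]:
        chunk = [value & 0x7F]                # last byte: high bit clear
        value >>= 7
        while value:                          # earlier bytes: high bit set
            chunk.append(0x80 | (value & 0x7F))
            value >>= 7
        body.extend(reversed(chunk))
    if len(body) > 127:
        raise ValueError("long-form length not handled in this example")
    return bytes([0x06, len(body)]) + bytes(body)

def decode_oid(der):
    """Decode a DER OID strictly; reject malformed or non-minimal input."""
    if (len(der) < 3 or der[0] != 0x06 or der[1] > 0x7F
            or der[1] != len(der) - 2 or der[-1] & 0x80):
        raise ValueError("not a well-formed short-form DER OID")
    arcs, value, at_start = [], 0, True
    for byte in der[2:]:
        if at_start and byte == 0x80:         # leading zero septet
            raise ValueError("non-minimal arc encoding")
        value = (value << 7) | (byte & 0x7F)
        at_start = not byte & 0x80            # arc ends when high bit is clear
        if at_start:
            arcs.append(value)
            value = 0
    first = min(arcs[0] // 40, 2)             # first byte packs two arcs
    return (first, arcs[0] - 40 * first, *arcs[1:])

def slh_dsa_mode(der):
    """Return 'pure', 'prehash' or 'other' for a DER-encoded algorithm OID."""
    arcs = decode_oid(der)
    if arcs[:-1] != SIG_ALGS:
        return "other"
    if arcs[-1] in PURE:
        return "pure"
    return "prehash" if arcs[-1] in PREHASH else "other"

if __name__ == "__main__":
    for oid in ("2.16.840.1.101.3.4.3.20", "2.16.840.1.101.3.4.3.46"):
        print(oid, encode_oid(oid).hex(), slh_dsa_mode(encode_oid(oid)))
```

A verifier that accepts only one mode can compare the result of `slh_dsa_mode` against its policy before looking up the parameter set, so a pre-hash OID is never processed as a pure-mode signature or the reverse.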
III. References
- FIPS 205 : nvlpubs.nist.gov/nistpubs/FI...
- RFC 9814 : www.rfc-editor.org/rfc/rfc9814...
- NIST CSOR Registry : csrc.nist.gov/projects/co...
- NIST CSOR