Code360 powered by Coding Ninjas X Code360 powered by Coding Ninjas X
Table of contents
Winternitz Signature Scheme
How Winternitz Signature Scheme Works?
Key Generation
Signature Generation
Signature Verification
How Winternitz Signature Scheme is better than others
Frequently Asked Questions
What are the two most common types of cryptography?
What is a hash-based signature?
What is a signature verification algorithm?
What is a signature cypher?
What type of cryptography is employed in digital signatures?
Last Updated: Mar 27, 2024

Winternitz Signature Scheme

Master Python: Predicting weather forecasts
Ashwin Goyal
Product Manager @


Do you know our digital world is at risk at present? It is because most quantum computers can crack public key methods and access our sensitive data. Well, you don’t have to worry about losing anything because, with technological advancements, the security protocols are updating daily. We all know about cryptography, and this is our most advanced tool to help us deal with our modern world problems.

winternitz sign scheme

This article will discuss the Winternitz signature scheme. It is a sign technique that uses a one-time sign mechanism of cryptography to secure public and private keys. In this article, we will see how the Winternitz signature schemes work. We will discuss every step involved in the working process and how the Winternitz signature scheme is better than other sign schemes. So without further ado, let’s get started!

Winternitz Signature Scheme

Winternitz One Time Signature (WOTS) is a quantum-resistant digital sign technique with small key and sign sizes. It is a one-time sign mechanism that can only be used to sign one message securely.

The Winternitz signature scheme, loosely based on the Lamport Signature, is a one-time signature (OTS) technique. That is, it is often based on universal one-way functions (e.g., SHA-256). It requires users to limit each transaction to one secret/public key combination. It can also sign multiple bits at once because it relies on relatively small keys and signature sizes.

The method of WOTS is:

  • It produces a total of 32 256-bit random private keys.
  • This is repeated several times. It then uses a parameter (W) to define them.
  • Using W = 8, we can hash the private keys (2W).
  • It produces public keys with lengths ranging from 32 to 256 bits.
  • The signature is created by subtracting the 8-bit binary int (n) from 256 and then hashing the private key 256 times.
  • Following that, the signature comprises 32 hashes generated from random private keys.
Get the tech career you deserve, faster!
Connect with our expert counsellors to understand how to hack your way to success
User rating 4.7/5
1:1 doubt support
95% placement record
Akash Pal
Senior Software Engineer
326% Hike After Job Bootcamp
Himanshu Gusain
Programmer Analyst
32 LPA After Job Bootcamp
After Job

How Winternitz Signature Scheme Works?

Robert Winternitz proposed the Winternitz Signature Scheme method. It is considered quantum robust since it employs small key and signature sizes. Following is the working of WOTS.

  • Key Generation
  • Signature Generation
  • Signature Verification

Key Generation

The first step of working with WOTS is key generation. The following are the process steps of key generation,

  • A pair of keys, a private key and a public key, must be generated.
  • To generate the private key, 32 256-bit random numbers are generated using a random number generator.
  • All of the 32 numbers are hashed 256 times to produce an additional set of 32 256-bit numbers for the public key. Anyone has access to the public key.
key generation

Signature Generation

The next part of working with WOTS is sign generation. Following are the steps of sign generation.

  • The message is hashed using SHA 256, yielding a 256-bit digest. This hash is divided into 32 8-bit values (N1N2N3...N32).
  • Each 8-bit value is hashed 256 times. Here N is the value of the 8-bit value. If N1 is an 8-bit number with the value 10001010 = 138, it will be hashed 256 - 138 = 118 times. This step is repeated for each of the 8-bit values to generate the digital signature.
sign generation

Signature Verification

The last step of working with WOTS is sign verification. Following are the steps of sign verification.

  • The SHA-256 algorithm is used to construct a digest of 32 8-bit integers (N1N2N3...N32) derived from the message.
  • The signature value is then hashed by the number of times specified by the message hash value (N1N2N3...N32).
  • The signature is then compared against the public key; if the two matches, the signature is valid.
sign verification

How Winternitz Signature Scheme is better than others

When instantiated with a family of pseudo-random functions, the Winternitz signature scheme is existentially unforgeable against adaptive chosen message attacks. It is compared to prior techniques, which required a collision-resistant hash function. 

The WOTS gives much lower-level signs while maintaining the same level of security. This, in turn, makes WOTS better and more secure than other sign schemes.

Frequently Asked Questions

What are the two most common types of cryptography?

Cryptography is typically divided into two types, symmetric key and asymmetric key cryptography.

What is a hash-based signature?

A hash-based signature scheme is a one-time signature scheme (OTS). It requires each key pair to sign only one message. An attacker can fabricate signatures if an OTS key pair is used to sign two separate messages. That’s why we use a hash-based signature scheme.

What is a signature verification algorithm?

The algorithm employs a key pair comprised of a public and a private key. The private key generates a digital signature for a message, which can then be validated using the signer's public key.

What is a signature cypher?

A cypher both encrypts and decrypts data. A signature algorithm encrypts a message digest with a cypher and then decrypts and compares that digest at the receiving end.

What type of cryptography is employed in digital signatures?

Public key cryptography, often known as asymmetric cryptography, underpins digital signatures. Two keys are generated using a public key method, such as RSA (Rivest-Shamir-Adleman), resulting in a mathematically connected pair of private and public keys.


This article briefly discussed the Winternitz signature schemes. We discussed it in detail along with its working. We hope this blog has helped you understand the Winternitz signature schemes. If you like to learn more, you can check out our articles: 


Refer to our Guided Path on Coding Ninjas Studio to upskill yourself in Data Structures and AlgorithmsCompetitive ProgrammingJavaScriptAWS and many more! If you wish to test your skills in coding, check out the mock test series and participate in the contests hosted on Coding Ninjas Studio! 

For placement preparations, you must look at the problemsinterview experiences, and interview bundles.

You can consider our paid courses to give your career an edge over others!

Happy Learning!

Previous article
Lamport Signature Scheme
Next article
Merkle Signature Scheme
Live masterclass