HERO-Sign: Hierarchical Tuning and Efficient Compiler-Time GPU Optimizations for SPHINCS+ Signature Generation

SPHINCS+ is a stateless hash-based signature scheme that provides strong post quantum security, but its signature generation is slow due to intensive hash computations. GPUs offer massive parallelism that can potentially accelerate SPHINCS+ signatures. However, existing GPU-based optimizations either fail to fully exploit the inherent parallelism of SPHINCS+'s Merkle tree structure or lack fine-grained, compiler-level customization across its diverse computational kernels. This paper proposes HERO Sign, a GPU-accelerated SPHINCS+ implementation that adopts hierarchical tuning and efficient compiler time optimizations. HERO Sign reexamines the parallelization opportunities enabled by data independence across SPHINCS+ components, including FORS, MSS, and WOTS+. It introduces a Tree Fusion strategy for FORS, which contains a large number of independent branches. The fusion strategy is guided by an automated Tree Tuning search algorithm that adapts fusion schemes to different GPU architectures. To further improve performance, HERO Sign employs an adaptive compilation strategy that accounts for the varying effectiveness of compiler optimizations across SPHINCS+ kernels such as FORS Sign, TREE Sign, and WOTS+ Sign. During compilation, the strategy automatically selects between PTX and native code paths to maximize efficiency. For batched signature generation, HERO Sign optimizes kernel-level overlapping using a task graph-based construction to reduce multi-stream idle time and kernel launch overhead. Experimental results show that, compared to state of the art GPU implementations, HERO Sign achieves throughput improvements of 1.28-3.13, 1.28-2.92, and 1.24-2.60 under the SPHINCS+ 128f, 192f, and 256f parameter sets on RTX 4090. Similar gains are observed on A100, H100, and GTX 2080, along with a two orders of magnitude reduction in kernel launch latency.