Here are the size of public key, secret key and signature in the implementation. The implementation does not optimize the size, so it explains the difference with theorical sizes.

For stack memory size on an ARM Cortex-M4 device [1] and measured in bytes. Note, no GeMSS assessment has been performed in [2], as GeMSS would take up too much memory:

In this paper, we investigate the possibility of using the multivariate GeMSS signature scheme as the building block of a ring signature scheme. Namely, we determine a set of parameters …

Aside from signature size and verification time, other performance characteristics of GeMSS raise some concerns. The signing time is quite high and the public keys are quite large; these …

Dec 13, 2022 · *Sizes in terms of 3K RSA key and signature sizes From John’s talk About 2.74 times larger than rainbow. Gemss128’s public key is about 2.74 times bigger than …

At present, the shortest public key signatures are obtained with multivariate signature schemes such as Rainbow, Quartz, or GeMMS. Usually, their lengths are between 128 and 256 bits, …

Jul 15, 2021 · In the case of gemss-128, the public key is needed multiple times; once in every of the four evaluations of the public map. Note that the integrity needs to be verified each time.

From a practical point of view, the main drawback of GeMSS is the size of the public-key. However, we mention that the generation of a (public-key,secret-key) remains rather e cient in …

The correction of the parameter D induces minor modifications of the size of the secret-key. As for the performance measurements, we compare the practical size used by the NIST submission …

This repository contains the benchmarks of the NIST's Post Quantum Crypto Contest of Digital Signatures in Process of Standardization (CRYSTALS-DILITHIUM, FALCON, GeMSS, LUOV, …