Has anyone done cryptanalysis of the specification of the algorithms you are using?
The cryptanalysis of algorithms was done by the authors. Have a look at these articles: - SPHINCS+ (Part 9, from Page 42) - NewHope (Part 4, from page 25)
Does the signature algorithm require a public key infrastructure (PKI)? Can the existing one be used?
The signature algorithm uses a pair of public and private keys. To transfer it to the algorithm the documented API is used. Our implementation doesn't define the key storage method, so a user can choose the most suitable method on his own.