Paper 2011/368

High-speed high-security signatures

Daniel J. Bernstein, Niels Duif, Tanja Lange, Peter Schwabe, and Bo-Yin Yang

Abstract

This paper shows that a $390 mass-market quad-core 2.4GHz Intel Westmere (Xeon E5620) CPU can create 109000 signatures per second and verify 71000 signatures per second on an elliptic curve at a 2^128 security level. Public keys are 32 bytes, and signatures are 64 bytes. These performance figures include strong defenses against software side-channel attacks: there is no data flow from secret keys to array indices, and there is no data flow from secret keys to branch conditions.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. This is the full version of a paper accepted at CHES.
Keywords
Elliptic curvesEdwards curvessignaturesspeedsoftware side channelsfoolproof session keys
Contact author(s)
tanja @ hyperelliptic org
History
2011-09-27: revised
2011-07-10: received
See all versions
Short URL
https://ia.cr/2011/368
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2011/368,
      author = {Daniel J.  Bernstein and Niels Duif and Tanja Lange and Peter Schwabe and Bo-Yin Yang},
      title = {High-speed high-security signatures},
      howpublished = {Cryptology ePrint Archive, Paper 2011/368},
      year = {2011},
      note = {\url{https://eprint.iacr.org/2011/368}},
      url = {https://eprint.iacr.org/2011/368}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.