Paper 2013/375

NaCl on 8-Bit AVR Microcontrollers

Michael Hutter and Peter Schwabe

Abstract

This paper presents first results of the Networking and Cryptography library (NaCl) on the 8-bit AVR family of microcontrollers. We show that NaCl, which has so far been optimized mainly for different desktop and server platforms, is feasible on resource-constrained devices while being very fast and memory efficient. Our implementation shows that encryption using Salsa20 requires 268 cycles/byte, authentication using Poly1305 needs 195 cycles/byte, a Curve25519 scalar multiplication needs 22,791,579 cycles, signing of data using Ed25519 needs 23,216,241 cycles, and verification can be done within 32,634,713 cycles. All implemented primitives provide at least 128-bit security, run in constant time, do not use secret-data-dependent branch conditions, and are open to the public domain (no usage restrictions).

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. Unknown where it was published
Keywords
Elliptic-curve cryptographyEdwards curvesCurve25519Ed25519Salsa20Poly1305AVRATmega
Contact author(s)
michael hutter @ iaik tugraz at
History
2013-06-12: received
Short URL
https://ia.cr/2013/375
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2013/375,
      author = {Michael Hutter and Peter Schwabe},
      title = {NaCl on 8-Bit AVR Microcontrollers},
      howpublished = {Cryptology ePrint Archive, Paper 2013/375},
      year = {2013},
      note = {\url{https://eprint.iacr.org/2013/375}},
      url = {https://eprint.iacr.org/2013/375}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.