Cryptology ePrint Archive: Report 2011/368

High-speed high-security signatures

Daniel J. Bernstein and Niels Duif and Tanja Lange and Peter Schwabe and Bo-Yin Yang

Abstract: This paper shows that a $390 mass-market quad-core 2.4GHz Intel Westmere (Xeon E5620) CPU can create 109000 signatures per second and verify 71000 signatures per second on an elliptic curve at a 2^128 security level. Public keys are 32 bytes, and signatures are 64 bytes. These performance figures include strong defenses against software side-channel attacks: there is no data flow from secret keys to array indices, and there is no data flow from secret keys to branch conditions.

Category / Keywords: public-key cryptography / Elliptic curves, Edwards curves, signatures, speed, software side channels, foolproof session keys

Publication Info: This is the full version of a paper accepted at CHES.

Date: received 6 Jul 2011, last revised 27 Sep 2011

Contact author: tanja at hyperelliptic org

Available format(s): PDF | BibTeX Citation

Version: 20110927:095352 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]