Paper 2021/662

Verifying Post-Quantum Signatures in 8 kB of RAM

Ruben Gonzalez, Andreas Hülsing, Matthias J. Kannwischer, Juliane Krämer, Tanja Lange, Marc Stöttinger, Elisabeth Waitz, Thom Wiggers, and Bo-Yin Yang

Abstract

In this paper, we study implementations of post-quantum signature schemes on resource-constrained devices. We focus on verification of signatures and cover NIST PQC round-3 candidates Dilithium, Falcon, Rainbow, GeMSS, and SPHINCS+. We assume an ARM Cortex-M3 with 8 kB of memory and 8 kB of flash for code, a practical and widely deployed setup in, for example, the automotive sector. This amount of memory is insufficient for most schemes. Rainbow and GeMSS public keys are too big; SPHINCS+ signatures do not fit in this memory. To make signature verification work for these schemes, we stream in public keys and signatures. Due to the memory requirements for efficient Dilithium implementations, we stream in the public key to cache more intermediate results. We discuss the suitability of the signature schemes for streaming, adapt existing implementations, and compare performance.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. PQCrypto 2021
Keywords
NISTPQC, Cortex-M3, Signature Verification, Streaming, Post-Quantum Signatures, Memory-Constrained Devices
Contact author(s)
streaming-pq-sigs @ kannwischer eu
History
2021-05-25: received
Short URL
https://ia.cr/2021/662
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/662,
      author = {Ruben Gonzalez and Andreas Hülsing and Matthias J.  Kannwischer and Juliane Krämer and Tanja Lange and Marc Stöttinger and Elisabeth Waitz and Thom Wiggers and Bo-Yin Yang},
      title = {Verifying Post-Quantum Signatures in 8 {kB} of {RAM}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2021/662},
      year = {2021},
      url = {https://eprint.iacr.org/2021/662}
}