Cryptology ePrint Archive: Report 2021/662

Verifying Post-Quantum Signatures in 8 kB of RAM

Ruben Gonzalez and Andreas Hülsing and Matthias J. Kannwischer and Juliane Krämer and Tanja Lange and Marc Stöttinger and Elisabeth Waitz and Thom Wiggers and Bo-Yin Yang

Abstract: In this paper, we study implementations of post-quantum signature schemes on resource-constrained devices. We focus on verification of signatures and cover NIST PQC round-3 candidates Dilithium, Falcon, Rainbow, GeMSS, and SPHINCS+. We assume an ARM CortexM3 with 8 kB of memory and 8 kB of flash for code; a practical and widely deployed setup in, for example, the automotive sector. This amount of memory is insufficient for most schemes. Rainbow and GeMSS public keys are too big; SPHINCS+ signatures do not fit in this memory. To make signature verification work for these schemes, we stream in public keys and signatures. Due to the memory requirements for efficient Dilithium implementations, we stream in the public key to cache more intermediate results. We discuss the suitability of the signature schemes for streaming, adapt existing implementations, and compare performance.

Category / Keywords: implementation / NISTPQC, Cortex-M3, Signature VerificationStreaming, Post-Quantum Signatures, Memory-Constrained Devices

Original Publication (in the same form): PQCrypto 2021

Date: received 21 May 2021

Contact author: streaming-pq-sigs at kannwischer eu

Available format(s): PDF | BibTeX Citation

Version: 20210525:070210 (All versions of this report)

Short URL: ia.cr/2021/662


[ Cryptology ePrint archive ]