Paper 2022/323

Dilithium for Memory Constrained Devices

Joppe W. Bos, NXP (Belgium)
Joost Renes, NXP (Netherlands)
Amber Sprenkels, NXP (Netherlands)

We investigate the use of the Dilithium post-quantum digital signature scheme on memory-constrained systems. Reference and optimized implementations of Dilithium in the benchmarking framework pqm4 (Cortex-M4) require 50 – 100 KiB of memory, demonstrating the significant challenge to use Dilithium on small IoT platforms. We show that compressing polynomials, using an alternative number theoretic transform, and falling back to the schoolbook method for certain multiplications reduces the memory footprint significantly. This results in the first implementation of Dilithium for which the recommended parameter set requires less than 7 KiB of memory for key and signature generation and less than 3 KiB of memory for signature verification. We also provide benchmark details of a portable implementation in order to estimate the performance impact when using these memory reduction methods.

Note: This preprint has not undergone peer review (when applicable) or any post-submission improvements or corrections. The Version of Record of this contribution is published in Progress in Cryptology - AFRICACRYPT 2022, and is available online at

Available format(s)
Publication info
Published elsewhere. Progress in Cryptology - AFRICACRYPT 2022
Dilithium implementation memory optimization NIST PQC lattice-based cryptography
Contact author(s)
joppe bos @ nxp com
joost renes @ nxp com
amber @ electricdusk com
2022-12-16: revised
2022-03-08: received
See all versions
Short URL
Creative Commons Attribution


      author = {Joppe W.  Bos and Joost Renes and Amber Sprenkels},
      title = {Dilithium for Memory Constrained Devices},
      howpublished = {Cryptology ePrint Archive, Paper 2022/323},
      year = {2022},
      doi = {10.1007/978-3-031-17433-9_10},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.