Paper 2022/538

Post-Quantum Signatures on RISC-V with Hardware Acceleration

Patrick Karl, Jonas Schupp, Tim Fritzmann, and Georg Sigl


CRYSTALS-Dilithium and Falcon are digital signature algorithms based on cryptographic lattices, that are considered secure even if large-scale quantum computers will be able to break conventional public-key cryptography. Both schemes are third round candidates in the ongoing NIST post-quantum competition. In this work, we present a RISC-V HW/SW codesign that aims to combine the advantages of software- and hardware implementations, i.e. flexibility and performance. It shows the use of flexible hardware accelerators, which have been previously used for Public-Key Encryption (PKE) and Key-Encapsulation Mechanism (KEM), for post-quantum signatures. It is optimized for Dilithium as a generic signature scheme but also accelerates applications that require fast verification of Falcon’s compact signatures. We provide a comparison with previous works showing that for Dilithium and Falcon, cycle counts are significantly reduced, such that our design is faster than previous software implementations or other HW/SW codesigns. In addition to that, we present a compact Globalfoundries 22 nm ASIC design that runs at 800 MHz. By using hardware acceleration, energy consumption for Dilithium is reduced by up to 92.2%, and up to 67.5% for Falcon’s signature verification.

Available format(s)
Publication info
Preprint. Minor revision.
Post-QuantumNIST PQCDigital SignaturesHWSW CodesignCRYSTALS-DilithiumFalconRISC-V
Contact author(s)
patrick karl @ tum de
2022-05-10: received
Short URL
Creative Commons Attribution


      author = {Patrick Karl and Jonas Schupp and Tim Fritzmann and Georg Sigl},
      title = {Post-Quantum Signatures on RISC-V with Hardware Acceleration},
      howpublished = {Cryptology ePrint Archive, Paper 2022/538},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.