High-speed high-security signatures
  • Regular Paper
  • Open Access
  • Published: 14 August 2012

  • Daniel J. Bernstein,
  • Niels Duif,
  • Tanja Lange,
  • Peter Schwabe &
  • Bo-Yin Yang

Journal of Cryptographic Engineering volume 2, pages 77–89 (2012)

Abstract

This paper shows that a $390 mass-market quad-core 2.4GHz Intel Westmere (Xeon E5620) CPU can create 109000 signatures per second and verify 71000 signatures per second on an elliptic curve at a \(2^{128}\) security level. Public keys are 32 bytes, and signatures are 64 bytes. These performance figures include strong defenses against software side-channel attacks: there is no data flow from secret keys to array indices, and there is no data flow from secret keys to branch conditions.
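
The two side-channel rules named in the abstract, illustrated as an added example (not code from the paper or its software): a table lookup whose address depends on a secret, next to a version that reads every entry and selects with a mask. The table size, entry width, table contents and function names are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define TABLE_ENTRIES 8   /* assumed table size for the illustration */
#define ENTRY_BYTES   32  /* assumed entry width for the illustration */

/* 0xFF if a == b, 0x00 otherwise; no branch and no lookup depends on a or b. */
static uint8_t ct_eq_mask(uint32_t a, uint32_t b)
{
    uint32_t x = a ^ b;          /* zero exactly when a == b */
    x = (x | (0u - x)) >> 31;    /* 1 if x was nonzero, else 0 */
    return (uint8_t)(x - 1u);    /* 0 -> 0xFF, 1 -> 0x00 */
}

/* What the abstract rules out: the secret selects the memory address,
 * so cache state can reveal which entry was touched. */
static void lookup_leaky(uint8_t out[ENTRY_BYTES], const uint8_t *table,
                         uint32_t secret_index)
{
    memcpy(out, table + (size_t)secret_index * ENTRY_BYTES, ENTRY_BYTES);
}

/* Reads every entry in a fixed order and keeps the wanted one with a mask:
 * the secret reaches neither an array index nor a branch condition. */
static void lookup_ct(uint8_t out[ENTRY_BYTES], const uint8_t *table,
                      uint32_t secret_index)
{
    memset(out, 0, ENTRY_BYTES);
    for (uint32_t i = 0; i < TABLE_ENTRIES; i++) {
        uint8_t mask = ct_eq_mask(i, secret_index);
        for (size_t j = 0; j < ENTRY_BYTES; j++)
            out[j] |= (uint8_t)(table[(size_t)i * ENTRY_BYTES + j] & mask);
    }
}

/* Fills a constructed table and returns 1 when both lookups return the
 * same entry for every index, 0 otherwise. */
static int lookups_agree(void)
{
    uint8_t table[TABLE_ENTRIES * ENTRY_BYTES];
    uint8_t a[ENTRY_BYTES], b[ENTRY_BYTES];

    for (size_t i = 0; i < TABLE_ENTRIES; i++)
        for (size_t j = 0; j < ENTRY_BYTES; j++)
            table[i * ENTRY_BYTES + j] = (uint8_t)(i * 37 + j * 11 + 1);

    for (uint32_t s = 0; s < TABLE_ENTRIES; s++) {
        lookup_leaky(a, table, s);
        lookup_ct(b, table, s);
        if (memcmp(a, b, ENTRY_BYTES) != 0)
            return 0;
    }
    return 1;
}

int main(void)
{
    printf("lookups agree: %d\n", lookups_agree());
    return 0;
}
```

A compiler is free to turn the mask arithmetic back into a branch, so the generated machine code needs to be inspected before relying on source like this.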

Open Access

This article is distributed under the terms of the Creative Commons Attribution License which permits any use, distribution, and reproduction in any medium, provided the original author(s) and the source are credited.

Author information

Authors and Affiliations

  1. Department of Computer Science, University of Illinois at Chicago, Chicago, IL, 60607-7053, USA

    Daniel J. Bernstein

  2. Department of Mathematics and Computer Science, Technische Universiteit Eindhoven, P.O. Box 513, 5600 MB, Eindhoven, The Netherlands

    Niels Duif & Tanja Lange

  3. Department of Electrical Engineering, National Taiwan University, 1, Section 4, Roosevelt Road, Taipei, 10617, Taiwan

    Peter Schwabe

  4. Institute of Information Science, Academia Sinica, 128 Section 2 Academia Road, Taipei, 115-29, Taiwan

    Bo-Yin Yang

Corresponding author

Correspondence to Daniel J. Bernstein.

Additional information

This work was supported by the National Science Foundation under grant 1018836, by the European Commission under Contract ICT-2007-216676 ECRYPT II, and by the National Science Council, National Taiwan University and Intel Corporation under Grant NSC99-2911-I-002-001 and 99-2218-E-001-007, and the Academia Sinica Career Award. Part of this work was carried out when Peter Schwabe was employed by Academia Sinica, Taiwan. Part of this work was carried out when Niels Duif was employed by Compumatica secure networks BV, the Netherlands. Permanent ID of this document: a1a62a2f76d23f65d622484ddd09caf8. Date: 2012.01.26.

Rights and permissions

Open Access This article is distributed under the terms of the Creative Commons Attribution 2.0 International License (https://creativecommons.org/licenses/by/2.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

About this article

Cite this article

Bernstein, D.J., Duif, N., Lange, T. et al. High-speed high-security signatures. J Cryptogr Eng 2, 77–89 (2012). https://doi.org/10.1007/s13389-012-0027-1

  • Received: 05 October 2011

  • Accepted: 04 January 2012

  • Published: 14 August 2012

  • Issue Date: September 2012

  • DOI: https://doi.org/10.1007/s13389-012-0027-1

Keywords

  • Elliptic curves
  • Edwards curves
  • Signatures
  • Speed
  • Software side channels
  • Foolproof session keys