High-speed high-security signatures

D.J. Bernstein, N. Duif, T. Lange, P. Schwabe, B.Y. Yang

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

90 Citations (SciVal)


This paper shows that a $390 mass-market quad-core 2.4GHz Intel Westmere (Xeon E5620) CPU can create 108000 signatures per second and verify 71000 signatures per second on an elliptic curve at a 2128 security level. Public keys are 32 bytes, and signatures are 64 bytes. These performance figures include strong defenses against software side-channel attacks: there is no data flow from secret keys to array indices, and there is no data flow from secret keys to branch conditions.
Original languageEnglish
Title of host publicationCryptographic Hardware and Embedded Systems - CHES 2011 (13th International Workshop, Nara, Japan, September 28–October 1, 2011. Proceedings)
EditorsB. Preneel, T. Takagi
Place of PublicationBerlin
ISBN (Print)978-3-642-23950-2
Publication statusPublished - 2011

Publication series

NameLecture Notes in Computer Science
ISSN (Print)0302-9743


Dive into the research topics of 'High-speed high-security signatures'. Together they form a unique fingerprint.

Cite this