Ed25519 signatures for microcontrollers
Small, sweet, swift: Ed25519 signatures for microcontrollers.
With assembly optimizations for Cortex-M4 and Cortex-M33.
NOTE: This is work-in-progress and not audited!
The usual warnings apply: Your hamster will explode, etc. etc.
From highest to lowest priority:
- understandable code
- timing side-channel free
- design for easy integration in embedded projects
- sufficiently small compiled code size
- useful speed
None of these releases exist quite yet.
Basic signature functionality
- allocation free API for signatures
- transcription of Ed25519 from TweetNaCl
- Bjoern Haase's field arithmetic optimizations
- use subtle
- fuzzing to test correctness against known good implementation
- side-fuzzing to test for timing side-channels
Completion! The rest of NaCl.
- authenticated encryption