#no-std #na-cl #ed25519 #cryptography #signatures

no-std salty

Small, sweet, swift Ed25519 signatures for microcontrollers

8 releases

Uses new Rust 2021

new 0.2.0 Nov 24, 2021
0.2.0-alpha.2 Jun 10, 2021
0.2.0-alpha.1 Feb 26, 2021
0.1.0-alpha.2 Feb 1, 2021
0.0.0 Jun 9, 2019

#185 in Cryptography

23 downloads per month

Apache-2.0 OR MIT

260KB
6K SLoC

Rust 2.5K SLoC // 0.2% comments C 2.5K SLoC // 0.1% comments GNU Style Assembly 1K SLoC // 0.1% comments Shell 8 SLoC // 0.2% comments Python 6 SLoC

salty

Ed25519 signatures for microcontrollers

Overview

Build Status

Small, sweet, swift: Ed25519 signatures for microcontrollers.
With assembly optimizations for Cortex-M4 and Cortex-M33.

NOTE: This is work-in-progress and not audited! The usual warnings apply: Your hamster will explode, etc. etc.

Work on salty is sponsored by

SoloKeys yamnord

Goals

From highest to lowest priority:

  • understandable code
  • timing side-channel free
  • design for easy integration in embedded projects
  • sufficiently small compiled code size
  • useful speed

The Plan

None of these releases exist quite yet.

v0.1.0

Basic signature functionality

v0.2.0

More tests!

  • fuzzing to test correctness against known good implementation
  • side-fuzzing to test for timing side-channels

v0.3.0

Completion! The rest of NaCl.

  • X22519
  • authenticated encryption

License

The scalar29 implementation is from curve25519-daleks's u32 backend: LICENSE.
Salty is licensed under either of Apache License, Version 2.0 or MIT License at your option.

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
TweetNaCl is a public-domain library.
fe25519 is licensed under Creative Commons Zero v1.0 Universal.

Dependencies

~105–425KB