{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,16]],"date-time":"2026-06-16T09:41:46Z","timestamp":1781602906690,"version":"3.54.5"},"reference-count":35,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T00:00:00Z","timestamp":1775001600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2026,4,5]],"date-time":"2026-04-05T00:00:00Z","timestamp":1775347200000},"content-version":"vor","delay-in-days":4,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100002744","name":"Bar-Ilan University","doi-asserted-by":"crossref","id":[{"id":"10.13039\/501100002744","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cryptogr Eng"],"published-print":{"date-parts":[[2026,4]]},"abstract":"Abstract<\/jats:title>\n \n The rapid growth of the Internet of Things (IoT) emphasizes the need for secure data transmission between IoT devices and edge computing. Many IoT systems utilize\n asymmetric cryptography<\/jats:italic>\n , particularly elliptic curve cryptography (ECC), which is favored in resource-constrained environments for its efficient encryption and smaller key sizes. ECC-based protocols and Diffie-Hellman (DH) key agreement schemes are integral to edge computing.\n \n WolfSSL<\/jats:italic>\n <\/jats:bold>\n is an efficient SSL library with a significantly smaller memory footprint, optimized for IoT and embedded systems, and supports ECC and DH public key options for over 2 billion devices daily. This study evaluates processor extensions and instruction customization within WolfSSL\u2019s benchmark code to enhance ECC and DH performance. We dissect the implementation into key routines such as Montgomery reduction and multiplication, recommending processor hardware extensions and software modifications to improve computational speed. Our analysis covers various processor designs, from single-issue base processors to multi-issue configurations with custom instructions, revealing performance trade-offs. Our results indicate that our designs outperform the most optimized WolfSSL software implementations on base RISC processors, achieving speedups of up to\n \n \n $$\\{6.25x, 4.2x\\}$$<\/jats:tex-math>\n \n \n {<\/mml:mo>\n 6.25<\/mml:mn>\n x<\/mml:mi>\n ,<\/mml:mo>\n 4.2<\/mml:mn>\n x<\/mml:mi>\n }<\/mml:mo>\n <\/mml:mrow>\n <\/mml:math>\n <\/jats:alternatives>\n <\/jats:inline-formula>\n for ECC and\n \n \n $$\\{5.6x, 3.9x\\}$$<\/jats:tex-math>\n \n \n {<\/mml:mo>\n 5.6<\/mml:mn>\n x<\/mml:mi>\n ,<\/mml:mo>\n 3.9<\/mml:mn>\n x<\/mml:mi>\n }<\/mml:mo>\n <\/mml:mrow>\n <\/mml:math>\n <\/jats:alternatives>\n <\/jats:inline-formula>\n for DH algorithms. Moreover, comparing our work to architectures like ARM6\/8 and RISC-V platforms shows significant performance improvements. These advancements not only enhance ECC and DH operations but also benefit various Post-Quantum Cryptography (PQC) primitives. Our findings achieve significant speed improvements for Montgomery reduction and point multiplication while maintaining minimal area cost, making them advantageous for applications using lattice-based and code-based PQC algorithms.\n <\/jats:p>","DOI":"10.1007\/s13389-026-00389-9","type":"journal-article","created":{"date-parts":[[2026,4,5]],"date-time":"2026-04-05T04:38:25Z","timestamp":1775363905000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["A fresh look on slow asymmetric crypto: accelerating WolfSSL on end-nodes processors"],"prefix":"10.1007","volume":"16","author":[{"given":"Oren","family":"Ganon","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Yuval","family":"Rubakh","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Nadav","family":"Elkayam","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Itamar","family":"Levi","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2026,4,5]]},"reference":[{"key":"389_CR1","doi-asserted-by":"publisher","first-page":"72514","DOI":"10.1109\/ACCESS.2018.2881444","volume":"6","author":"CA Lara-Nino","year":"2018","unstructured":"Lara-Nino, C.A., Diaz-Perez, A., Morales-Sandoval, M.: Elliptic curve lightweight cryptography: A survey. IEEE Access 6, 72514\u201372550 (2018)","journal-title":"IEEE Access"},{"key":"389_CR2","doi-asserted-by":"crossref","unstructured":"He, Z., Chen, X.: Design and implementation of high-speed configurable ecc co-processor. In: 2017 IEEE 12th International Conference on ASIC (ASICON), pp. 734\u2013737 (2017). IEEE","DOI":"10.1109\/ASICON.2017.8252580"},{"issue":"1","key":"389_CR3","doi-asserted-by":"publisher","first-page":"251","DOI":"10.3390\/s18010251","volume":"18","author":"L Parrilla","year":"2018","unstructured":"Parrilla, L., Castillo, E., L\u00f3pez-Ramos, J.A., \u00c1lvarez-Bermejo, J.A., Garc\u00eda, A., Morales, D.P.: Unified compact ecc-aes co-processor with group-key support for iot devices in wireless sensor networks. Sensors 18(1), 251 (2018)","journal-title":"Sensors"},{"issue":"1","key":"389_CR4","doi-asserted-by":"publisher","first-page":"754","DOI":"10.5958\/2249-7315.2017.00020.X","volume":"7","author":"A Jagan","year":"2017","unstructured":"Jagan, A., Nagarajan, V.: An efficient usage indian vedic shrewdness in multiplication module of ecc co-processor architecture. Asian Journal of Research in Social Sciences and Humanities 7(1), 754\u2013772 (2017)","journal-title":"Asian Journal of Research in Social Sciences and Humanities"},{"key":"389_CR5","doi-asserted-by":"publisher","unstructured":"Gautschi, M., Muehlberghuber, M., Traber, A., Stucki, S., Baer, M., Andri, R., Benini, L., Muheim, B., Kaeslin, H.: Sir10us: A tightly coupled elliptic-curve cryptography co-processor for the openrisc. In: 2014 IEEE 25th International Conference on Application-Specific Systems, Architectures and Processors, pp. 25\u201329 (2014). https:\/\/doi.org\/10.1109\/ASAP.2014.6868626","DOI":"10.1109\/ASAP.2014.6868626"},{"key":"389_CR6","doi-asserted-by":"crossref","unstructured":"Kumar, S., Paar, C.: Reconfigurable instruction set extension for enabling ecc on an 8-bit processor. In: International Conference on Field Programmable Logic and Applications, pp. 586\u2013595 (2004). Springer","DOI":"10.1007\/978-3-540-30117-2_60"},{"key":"389_CR7","doi-asserted-by":"crossref","unstructured":"Heinl, M.P., Pursche, M., Puch, N., Peters, S.N., Giehl, A.: From standard to practice: Towards isa\/iec 62443-conform public key infrastructures. In: International Conference on Computer Safety, Reliability, and Security, pp. 196\u2013210 (2023). Springer","DOI":"10.1007\/978-3-031-40923-3_15"},{"key":"389_CR8","doi-asserted-by":"publisher","unstructured":"Hankerson, D., Menezes, A.J., Vanstone, S.A.: Guide to Elliptic Curve Cryptography. Springer, New York (2004). https:\/\/doi.org\/10.1007\/978-0-387-21885-2","DOI":"10.1007\/978-0-387-21885-2"},{"issue":"177","key":"389_CR9","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1090\/S0025-5718-1987-0866113-7","volume":"48","author":"PL Montgomery","year":"1987","unstructured":"Montgomery, P.L.: Speeding the pollard and elliptic curve methods of factorization. Math. Comput. 48(177), 243\u2013264 (1987). https:\/\/doi.org\/10.1090\/S0025-5718-1987-0866113-7","journal-title":"Math. Comput."},{"key":"389_CR10","doi-asserted-by":"crossref","unstructured":"Cheng, H., Fotiadis, G., Gro\u00dfsch\u00e4dl, J., Page, D., Pham, T.H., Ryan, P.Y.: Risc-v instruction set extensions for multi-precision integer arithmetic: A case study on post-quantum key exchange using csidh-512. In: Proceedings of the 61st ACM\/IEEE Design Automation Conference, pp. 1\u20136 (2024)","DOI":"10.1145\/3649329.3657347"},{"key":"389_CR11","unstructured":"Eum, Y., Zhang, N., Tang, L., Franchetti, F.: Towards a risc-V instruction set extension for multi-word arithmetic. In: IEEE High Performance Extreme Computing (HPEC) (2024). IEEE. https:\/\/users.ece.cmu.edu\/~franzf\/papers\/hpec_2024_RISCV.pdf"},{"key":"389_CR12","doi-asserted-by":"crossref","unstructured":"Didier, L., Robert, J.: Risc-V word-size modular instructions for residue number systems. arXiv preprint arXiv:2412.05286 (2024)","DOI":"10.1007\/978-3-031-73122-8_5"},{"key":"389_CR13","doi-asserted-by":"crossref","unstructured":"Gro\u00dfsch\u00e4dl, J., Sava\u015f, E.: Instruction set extensions for fast arithmetic in finite fields gf (p) and gf (2 m). In: International Workshop on Cryptographic Hardware and Embedded Systems, pp. 133\u2013147 (2004). Springer","DOI":"10.1007\/978-3-540-28632-5_10"},{"key":"389_CR14","unstructured":"Gro\u00dfsch\u00e4dl, J., Tillich, S., Ienne, P., Pozzi, L., Verma, A.K.: When instruction set extensions change algorithm design: A study in elliptic curve cryptography. In: Proceedings of the 4th Workshop on Application-Specific Processors (WASP 2005), San Diego, CA, USA (2005)"},{"key":"389_CR15","doi-asserted-by":"crossref","unstructured":"Bartolini, S., Branovic, I., Giorgi, R., Martinelli, E.: A performance evaluation of arm isa extension for elliptic curve cryptography over binary finite fields. In: 16th Symposium on Computer Architecture and High Performance Computing, pp. 238\u2013245 (2004). IEEE","DOI":"10.1109\/SBAC-PAD.2004.5"},{"key":"389_CR16","doi-asserted-by":"publisher","unstructured":"Kumar, S.S., Paar, C.: Reconfigurable instruction set extension for enabling ECC on an 8-bit processor. In: Field Programmable Logic and Applications (FPL 2004). Lecture Notes in Computer Science, vol. 3203, pp. 586\u2013595. Springer, Berlin, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-30117-2_60","DOI":"10.1007\/978-3-540-30117-2_60"},{"issue":"3","key":"389_CR17","doi-asserted-by":"publisher","first-page":"26","DOI":"10.1109\/40.502403","volume":"16","author":"CK Ko\u00e7","year":"1996","unstructured":"Ko\u00e7, C.K., Acar, T., Kaliski, B.S.: Analyzing and comparing montgomery multiplication algorithms. IEEE Micro 16(3), 26\u201333 (1996)","journal-title":"IEEE Micro"},{"key":"389_CR18","unstructured":"Acar, T.: High-speed algorithms & architectures for number-theoretic cryptosystems: New algorithms for montgomery multiplication. PhD thesis, Oregon State University (1998). https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/1998\/06\/97Acar.pdf"},{"key":"389_CR19","unstructured":"McIvor, C., McLoone, M., McCanny, J.V.: Fpga montgomery multiplier architectures \u2013 a comparison (sos, cios, fios). In: Proc. (Queen\u2019s University Belfast\/ECIT Reports; FPGA Comparison Study) (2003). Comparative FPGA study of SOS\/CIOS\/FIOS"},{"key":"389_CR20","doi-asserted-by":"crossref","unstructured":"Dzurenda, P., Ricci, S., Hajny, J., Malina, L.: Performance analysis and comparison of different elliptic curves on smart cards. In: 2017 15th Annual Conference on Privacy, Security and Trust (PST), pp. 365\u201336509 (2017). IEEE","DOI":"10.1109\/PST.2017.00050"},{"issue":"4","key":"389_CR21","first-page":"409","volume":"4","author":"AA-A Gutub","year":"2010","unstructured":"Gutub, A.A.-A., Arabia, S.: Remodeling of elliptic curve cryptography scalar multiplication architecture using parallel jacobian coordinate system. International Journal of Computer Science and Security (IJCSS) 4(4), 409 (2010)","journal-title":"International Journal of Computer Science and Security (IJCSS)"},{"key":"389_CR22","doi-asserted-by":"crossref","unstructured":"Menezes, A.J., Van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press (2018)","DOI":"10.1201\/9781439821916"},{"key":"389_CR23","unstructured":"Qu, M.: Sec 2: Recommended elliptic curve domain parameters. Certicom Res., Mississauga, ON, Canada, Tech. Rep. SEC2-Ver-0.6 (1999)"},{"key":"389_CR24","doi-asserted-by":"crossref","unstructured":"Chen, X., Maskell, D.L., Sun, Y.: Fast identification of custom instructions for extensible processors. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 26(2), 359\u2013368 (2007)","DOI":"10.1109\/TCAD.2006.883915"},{"key":"389_CR25","doi-asserted-by":"crossref","unstructured":"Ganon, O., Levi, I.: Modular processor architecture with cryptography isa extensions. In: 2023 21st IEEE Interregional NEWCAS Conference (NEWCAS), pp. 1\u20132 (2023). IEEE","DOI":"10.1109\/NEWCAS57931.2023.10198046"},{"issue":"2","key":"389_CR26","doi-asserted-by":"publisher","first-page":"60","DOI":"10.1109\/40.848473","volume":"20","author":"RE Gonzalez","year":"2000","unstructured":"Gonzalez, R.E.: Xtensa: A configurable and extensible processor. IEEE Micro 20(2), 60\u201370 (2000)","journal-title":"IEEE Micro"},{"key":"389_CR27","doi-asserted-by":"crossref","unstructured":"Yu, P., Mitra, T.: Characterizing embedded applications for instruction-set extensible processors. In: Proceedings of the 41st Annual Design Automation Conference, pp. 723\u2013728 (2004)","DOI":"10.1145\/996566.996764"},{"issue":"2","key":"389_CR28","doi-asserted-by":"publisher","first-page":"216","DOI":"10.1109\/TCAD.2003.822133","volume":"23","author":"F Sun","year":"2004","unstructured":"Sun, F., Ravi, S., Raghunathan, A., Jha, N.K.: Custom-instruction synthesis for extensible-processor platforms. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 23(2), 216\u2013228 (2004)","journal-title":"IEEE Trans. Comput. Aided Des. Integr. Circuits Syst."},{"key":"389_CR29","doi-asserted-by":"crossref","unstructured":"Bartolini, S., Giorgi, R., Martinelli, E.: Instruction set extensions for cryptographic applications. Cryptographic Engineering, 191\u2013233 (2009)","DOI":"10.1007\/978-0-387-71817-0_9"},{"issue":"3","key":"389_CR30","doi-asserted-by":"publisher","first-page":"377","DOI":"10.46586\/tches.v2024.i3.377-417","volume":"2024","author":"O Ganon","year":"2024","unstructured":"Ganon, O., Levi, I.: Crisa-x: Unleashing performance excellence in lightweight symmetric cryptography for extendable and deeply embedded processors. IACR Transactions on Cryptographic Hardware and Embedded Systems 2024(3), 377\u2013417 (2024)","journal-title":"IACR Transactions on Cryptographic Hardware and Embedded Systems"},{"key":"389_CR31","unstructured":"Hakkala, A., Virtanen, S.: Accelerating cryptographic protocols: A review of theory and technologies. Proceedings of CTRQ (2011)"},{"key":"389_CR32","doi-asserted-by":"crossref","unstructured":"Regazzoni, F., Ienne, P.: Instruction set extensions for secure applications. In: 2016 Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 1529\u20131534 (2016). Ieee","DOI":"10.3850\/9783981537079_1009"},{"key":"389_CR33","unstructured":"Scott, M., Szczechowiak, P.: Optimizing multiprecision multiplication for public key cryptography (2007). Cryptology ePrint Archive http:\/\/eprint.iacr.org\/.Report2007\/299"},{"key":"389_CR34","unstructured":"Bilavarn, S., Gogniat, G., Philippe, J.-L., Bossuet, L.: Low complexity design space exploration from early specifications. IEEE Transactions on COMPUTER-AIDED DESIGN of Integrated Circuits and Systems (2005)"},{"key":"389_CR35","doi-asserted-by":"crossref","unstructured":"Bilavarn, S., Gogniat, G., Philippe, J.L.: Area time power estimation for fpga based designs at a behavioral level. In: ICECS 2000. 7th IEEE International Conference on Electronics, Circuits and Systems (Cat. No. 00EX445), vol. 1, pp. 524\u2013527 (2000). IEEE","DOI":"10.1109\/ICECS.2000.911593"}],"container-title":["Journal of Cryptographic Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s13389-026-00389-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s13389-026-00389-9","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s13389-026-00389-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,5,16]],"date-time":"2026-05-16T14:13:56Z","timestamp":1778940836000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s13389-026-00389-9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,4]]},"references-count":35,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2026,4]]}},"alternative-id":["389"],"URL":"https:\/\/doi.org\/10.1007\/s13389-026-00389-9","relation":{},"ISSN":["2190-8508","2190-8516"],"issn-type":[{"value":"2190-8508","type":"print"},{"value":"2190-8516","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,4]]},"assertion":[{"value":"30 October 2024","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"23 February 2026","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"5 April 2026","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"2"}}