{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,9]],"date-time":"2026-05-09T05:30:12Z","timestamp":1778304612543,"version":"3.51.4"},"reference-count":36,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2024,3,27]],"date-time":"2024-03-27T00:00:00Z","timestamp":1711497600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Federal Ministry of Education and Research of Germany in the program of \u201cSouver\u00e4n. Digital. Vernetzt.\u201d Joint project 6G-life","award":["16KISK002"],"award-info":[{"award-number":["16KISK002"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Embed. Comput. Syst."],"published-print":{"date-parts":[[2024,3,31]]},"abstract":"<jats:p>CRYSTALS-Dilithium and Falcon are digital signature algorithms based on cryptographic lattices, which are considered secure even if large-scale quantum computers will be able to break conventional public-key cryptography. Both schemes have been selected for standardization in the NIST Post-Quantum competition. In this work, we present a RISC-V HW\/SW codesign that aims to combine the advantages of software and hardware implementations, i.e., flexibility and performance. It shows the use of flexible hardware accelerators, which have been previously used for Public-Key Encryption (PKE) and Key-Encapsulation Mechanism (KEM), for Post-Quantum signatures. It is optimized for Dilithium as a generic signature scheme but also accelerates applications that require fast verification of Falcon\u2019s compact signatures. We provide a comparison with previous works showing that for Dilithium and Falcon, cycle counts are significantly reduced, such that our design is faster than previous software implementations or other HW\/SW codesigns. In addition to that, we present a compact Globalfoundries 22nm ASIC design that runs at 800 MHz. By using hardware acceleration, energy consumption for Dilithium is reduced by up to 92.2%, and up to 67.5% for Falcon\u2019s signature verification.<\/jats:p>","DOI":"10.1145\/3579092","type":"journal-article","created":{"date-parts":[[2023,1,6]],"date-time":"2023-01-06T13:13:07Z","timestamp":1673010787000},"page":"1-23","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":57,"title":["Post-Quantum Signatures on RISC-V with Hardware Acceleration"],"prefix":"10.1145","volume":"23","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-9476-9651","authenticated-orcid":false,"given":"Patrick","family":"Karl","sequence":"first","affiliation":[{"name":"Technical University of Munich; TUM School of Computation, Information and Technology; Chair of Security in Information Technology, Munich, Bavaria, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4171-1656","authenticated-orcid":false,"given":"Jonas","family":"Schupp","sequence":"additional","affiliation":[{"name":"Technical University of Munich; TUM School of Computation, Information and Technology; Chair of Security in Information Technology, Munich, Bavaria, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5483-4292","authenticated-orcid":false,"given":"Tim","family":"Fritzmann","sequence":"additional","affiliation":[{"name":"Technical University of Munich; TUM School of Computation, Information and Technology; Chair of Security in Information Technology, Munich, Bavaria, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3152-941X","authenticated-orcid":false,"given":"Georg","family":"Sigl","sequence":"additional","affiliation":[{"name":"Technical University of Munich; TUM School of Computation, Information and Technology; Chair of Security in Information Technology, Munich, Germany; and Fraunhofer Institute for Applied and Integrated Security, Garching, Bavaria, Germany"}]}],"member":"320","published-online":{"date-parts":[[2024,3,27]]},"reference":[{"key":"e_1_3_2_2_2","article-title":"Faster Kyber and Dilithium on the Cortex-M4","author":"Abdulrahman Amin","year":"2022","unstructured":"Amin Abdulrahman, Vincent Hwang, Matthias J. Kannwischer, and Daan Sprenkels. 2022. Faster Kyber and Dilithium on the Cortex-M4. Cryptology ePrint Archive, Report 2022\/112. Retrieved from https:\/\/ia.cr\/2022\/112.","journal-title":"Cryptology ePrint Archive, Report 2022\/112"},{"key":"e_1_3_2_3_2","article-title":"A Unified Cryptoprocessor for Lattice-based Signature and Key-exchange","year":"2021","unstructured":"Aikata, Ahmet Can Mert, David Jacquemin, Amitabh Das, Donald Matthews, Santosh Ghosh, and Sujoy Sinha Roy. 2021. A Unified Cryptoprocessor for Lattice-based Signature and Key-exchange. Cryptology ePrint Archive, Report 2021\/1461. Retrieved from https:\/\/ia.cr\/2021\/1461.","journal-title":"Cryptology ePrint Archive, Report 2021\/1461"},{"key":"e_1_3_2_4_2","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2019.i4.17-61"},{"key":"e_1_3_2_5_2","article-title":"NIST Post-Quantum Cryptography - A Hardware Evaluation Study","author":"Basu Kanad","year":"2019","unstructured":"Kanad Basu, Deepraj Soni, Mohammed Nabeel, and Ramesh Karri. 2019. NIST Post-Quantum Cryptography - A Hardware Evaluation Study. Cryptology ePrint Archive, Report 2019\/047. Retrieved from https:\/\/ia.cr\/2019\/047.","journal-title":"Cryptology ePrint Archive, Report 2019\/047"},{"key":"e_1_3_2_6_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICFPT52863.2021.9609917"},{"key":"e_1_3_2_7_2","article-title":"High-Performance Hardware Implementation of Lattice-Based Digital Signatures","author":"Beckwith Luke","year":"2022","unstructured":"Luke Beckwith, Duc Tri Nguyen, and Kris Gaj. 2022. High-Performance Hardware Implementation of Lattice-Based Digital Signatures. Cryptology ePrint Archive, Report 2022\/217. Retrieved from https:\/\/ia.cr\/2022\/217.","journal-title":"Cryptology ePrint Archive, Report 2022\/217"},{"key":"e_1_3_2_8_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-17433-9_10"},{"key":"e_1_3_2_9_2","doi-asserted-by":"publisher","DOI":"10.1090\/s0025-5718-1965-0178586-1"},{"key":"e_1_3_2_10_2","doi-asserted-by":"publisher","DOI":"10.6028\/nist.fips.202"},{"key":"e_1_3_2_11_2","article-title":"Falcon: Fast-fourier lattice-based compact signatures over NTRU","author":"Fouque Pierre-Alain","year":"2018","unstructured":"Pierre-Alain Fouque, Jeffrey Hoffstein, Paul Kirchner, Vadim Lyubashevsky, Thomas Pornin, Thomas Prest, Thomas Ricosset, Gregor Seiler, William Whyte, and Zhenfei Zhang. 2018. Falcon: Fast-fourier lattice-based compact signatures over NTRU. Submission to the NIST Post-quantum Cryptography Standardization Process (2018). Retrieved from https:\/\/falcon-sign.info\/falcon.pdf.","journal-title":"Submission to the NIST Post-quantum Cryptography Standardization Process"},{"key":"e_1_3_2_12_2","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2022.i1.414-460"},{"key":"e_1_3_2_13_2","doi-asserted-by":"publisher","DOI":"10.13154\/TCHES.V2020.I4.239-280"},{"key":"e_1_3_2_14_2","doi-asserted-by":"publisher","DOI":"10.1109\/tvlsi.2017.2654506"},{"key":"e_1_3_2_15_2","doi-asserted-by":"publisher","DOI":"10.1145\/1464291.1464352"},{"key":"e_1_3_2_16_2","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2021.i1.1-24"},{"key":"e_1_3_2_17_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICECS.2018.8617969"},{"key":"e_1_3_2_18_2","article-title":"Lightweight Hardware Accelerator for Post-Quantum Digital Signature CRYSTALS-Dilithium","author":"Gupta Naina","year":"2022","unstructured":"Naina Gupta, Arpan Jati, Anupam Chattopadhyay, and Gautam Jha. 2022. Lightweight Hardware Accelerator for Post-Quantum Digital Signature CRYSTALS-Dilithium. Cryptology ePrint Archive, Report 2022\/496. Retrieved from https:\/\/eprint.iacr.org\/2022\/496\/20220428:080014.","journal-title":"Cryptology ePrint Archive, Report 2022\/496"},{"key":"e_1_3_2_19_2","article-title":"Benchmarking and Analysing the NIST PQC Finalist Lattice-Based Signature Schemes on the ARM Cortex M7","author":"Howe James","year":"2022","unstructured":"James Howe and Bas Westerbaan. 2022. Benchmarking and Analysing the NIST PQC Finalist Lattice-Based Signature Schemes on the ARM Cortex M7. Cryptology ePrint Archive, Report 2022\/405. Retrieved from https:\/\/eprint.iacr.org\/2022\/405\/20220331:072640.","journal-title":"Cryptology ePrint Archive, Report 2022\/405"},{"key":"e_1_3_2_20_2","unstructured":"Matthias J. Kannwischer Joost Rijneveld Peter Schwabe and Ko Stoffelen. 2021. PQM4: Post-quantum crypto library for the ARM Cortex-M4. Retrieved from https:\/\/github.com\/mupq\/pqm4."},{"key":"e_1_3_2_21_2","doi-asserted-by":"publisher","DOI":"10.1109\/FPL50879.2020.00016"},{"key":"e_1_3_2_22_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-97348-3_12"},{"key":"e_1_3_2_23_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-10366-7_35"},{"key":"e_1_3_2_24_2","article-title":"CRYSTALS-Dilithium","author":"Lyubashevsky Vadim","year":"2017","unstructured":"Vadim Lyubashevsky, L\u00e9o Ducas, Eike Kiltz, Tancr\u00e8de Lepoint, Peter Schwabe, Gregor Seiler, Damien Stehl\u00e9, and Shi Bai. 2017. CRYSTALS-Dilithium. Submission to the NIST Post-quantum Cryptography Standardization Process (2017). Retrieved from https:\/\/pq-crystals.org\/dilithium\/data\/dilithium-specification-round3-20210208.pdf.","journal-title":"Submission to the NIST Post-quantum Cryptography Standardization Process"},{"key":"e_1_3_2_25_2","doi-asserted-by":"publisher","DOI":"10.6028\/nist.ir.8413-upd1"},{"key":"e_1_3_2_26_2","doi-asserted-by":"publisher","DOI":"10.1109\/access.2021.3126208"},{"key":"e_1_3_2_27_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-25510-7_4"},{"key":"e_1_3_2_28_2","article-title":"New Efficient, Constant-time Implementations of Falcon","author":"Pornin Thomas","year":"2019","unstructured":"Thomas Pornin. 2019. New Efficient, Constant-time Implementations of Falcon. Cryptology ePrint Archive, Report 2019\/893. Retrieved from https:\/\/eprint.iacr.org\/2019\/893\/20190918:144441.","journal-title":"Cryptology ePrint Archive, Report 2019\/893"},{"key":"e_1_3_2_29_2","article-title":"Improving Speed of Dilithium\u2019s Signing Procedure","author":"Ravi Prasanna","year":"2019","unstructured":"Prasanna Ravi, Sourav Sen Gupta, Anupam Chattopadhyay, and Shivam Bhasin. 2019. Improving Speed of Dilithium\u2019s Signing Procedure. Cryptology ePrint Archive, Report 2019\/420. Retrieved from https:\/\/eprint.iacr.org\/2019\/420\/20191018:013921.","journal-title":"Cryptology ePrint Archive, Report 2019\/420"},{"key":"e_1_3_2_30_2","doi-asserted-by":"publisher","DOI":"10.1145\/3465481.3465756"},{"key":"e_1_3_2_31_2","doi-asserted-by":"publisher","DOI":"10.1109\/SFCS.1994.365700"},{"key":"e_1_3_2_32_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-57682-0"},{"key":"e_1_3_2_33_2","volume-title":"Proceedings of the 2nd PQC Standardization Conference","author":"Soni Deepraj","year":"2019","unstructured":"Deepraj Soni, Kanad Basu, Mohammed Nabeel, and Ramesh Karri. 2019. A hardware evaluation study of NIST post-quantum cryptographic signature schemes. In Proceedings of the 2nd PQC Standardization Conference. NIST. Retrieved from https:\/\/csrc.nist.gov\/Events\/2019\/second-pqc-standardization-conference."},{"key":"e_1_3_2_34_2","article-title":"Performance Evaluation of Post-quantum TLS 1.3 on Resource-Constrained Embedded Systems","author":"Tasopoulos George","year":"2021","unstructured":"George Tasopoulos, Jinhui Li, Apostolos P. Fournaris, Raymond K. Zhao, Amin Sakzad, and Ron Steinfeld. 2021. Performance Evaluation of Post-quantum TLS 1.3 on Resource-Constrained Embedded Systems. Cryptology ePrint Archive, Paper 2021\/1553. Retrieved from https:\/\/eprint.iacr.org\/2021\/1553.","journal-title":"Cryptology ePrint Archive, Paper 2021\/1553"},{"key":"e_1_3_2_35_2","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2022.i1.270-295"},{"key":"e_1_3_2_36_2","doi-asserted-by":"publisher","DOI":"10.1109\/tcsi.2022.3162593"},{"key":"e_1_3_2_37_2","doi-asserted-by":"publisher","DOI":"10.1145\/3447812"}],"container-title":["ACM Transactions on Embedded Computing Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3579092","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3579092","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:38:05Z","timestamp":1750178285000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3579092"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,3,27]]},"references-count":36,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2024,3,31]]}},"alternative-id":["10.1145\/3579092"],"URL":"https:\/\/doi.org\/10.1145\/3579092","relation":{},"ISSN":["1539-9087","1558-3465"],"issn-type":[{"value":"1539-9087","type":"print"},{"value":"1558-3465","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,3,27]]},"assertion":[{"value":"2022-04-29","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2022-12-21","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-03-27","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}