{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,15]],"date-time":"2026-04-15T18:26:52Z","timestamp":1776277612309,"version":"3.50.1"},"reference-count":23,"publisher":"MDPI AG","issue":"9","license":[{"start":{"date-parts":[[2019,9,14]],"date-time":"2019-09-14T00:00:00Z","timestamp":1568419200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Information"],"abstract":"<jats:p>Twisted Edwards curves have been at the center of attention since their introduction by Bernstein et al. in 2007. The curve ED25519, used for Edwards-curve Digital Signature Algorithm (EdDSA), provides faster digital signatures than existing schemes without sacrificing security. The CURVE25519 is a Montgomery curve that is closely related to ED25519. It provides a simple, constant time, and fast point multiplication, which is used by the key exchange protocol X25519. Software implementations of EdDSA and X25519 are used in many web-based PC and Mobile applications. In this paper, we introduce a low-power, low-area FPGA implementation of the ED25519 and CURVE25519 scalar multiplication that is particularly relevant for Internet of Things (IoT) applications. The efficiency of the arithmetic modulo the prime number      2 255  \u2212 19    , in particular the modular reduction and modular multiplication, are key to the efficiency of both EdDSA and X25519. To reduce the complexity of the hardware implementation, we propose a high-radix interleaved modular multiplication algorithm. One benefit of this architecture is to avoid the use of large-integer multipliers relying on FPGA DSP modules.<\/jats:p>","DOI":"10.3390\/info10090285","type":"journal-article","created":{"date-parts":[[2019,9,16]],"date-time":"2019-09-16T03:17:57Z","timestamp":1568603877000},"page":"285","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":29,"title":["Low-Cost, Low-Power FPGA Implementation of ED25519 and CURVE25519 Point Multiplication"],"prefix":"10.3390","volume":"10","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3984-5361","authenticated-orcid":false,"given":"Mohamad Ali","family":"Mehrabi","sequence":"first","affiliation":[{"name":"Department of computing, Macquarie University, Sydney 2109, Australia"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Christophe","family":"Doche","sequence":"additional","affiliation":[{"name":"Optus Macquarie University Cyber Security Hub, Sydney 2109, Australia"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2019,9,14]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"393","DOI":"10.1090\/S0273-0979-07-01153-6","article-title":"A normal form for elliptic curves","volume":"44","author":"Edwards","year":"2007","journal-title":"Bull. Am. Math. Soc."},{"key":"ref_2","unstructured":"Bernstein, D., and Lange, T. (2007, January 2\u20136). Faster addition and doubling on elliptic curves. Proceedings of the International Conference on the Theory and Application of Cryptology and Information Security 2007, Kuching, Malaysia."},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Bernstein, D., Birkner, P., Joye, M., Lange, T., and Peters, C. (2008). Twisted Edwards Curves. International Conference on Cryptology in Africa, Springer.","DOI":"10.1007\/978-3-540-68164-9_26"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"243","DOI":"10.1090\/S0025-5718-1987-0866113-7","article-title":"Speeding the Pollard and Elliptic Curve Methods of Factorization","volume":"48","author":"Montgomery","year":"1987","journal-title":"Math. Comput."},{"key":"ref_5","unstructured":"(2019, September 12). Explicit Formulas Database. Available online: www.hyperelliptic.org."},{"key":"ref_6","unstructured":"Bernstein, D., Lange, T., and Farashahi, R.R. (2008, January 10\u201313). Binary Edwards Curves. Proceedings of the International Workshop on Cryptographic Hardware and Embedded Systems, Washington, DC, USA."},{"key":"ref_7","unstructured":"(2019, September 13). ED25519: High-Speed High-Security Signatures. Available online: https:\/\/ED25519.cr.yp.to\/."},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Bernstein, D. (2006). CURVE25519: New Diffie-Hellman speed records. International Workshop on Public Key Cryptography, Springer.","DOI":"10.1007\/11745853_14"},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"227","DOI":"10.1007\/s13389-017-0157-6","article-title":"Montgomery Curves and Their Arithmetic","volume":"8","author":"Costello","year":"2018","journal-title":"J. Cryptogr. Eng."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Sasdrich, P., and G\u00fcneysu, T. (2014). Efficient elliptic-curve cryptography using CURVE25519 on reconfigurable Devices. International Symposium on Applied Reconfigurable Computing, Springer.","DOI":"10.1007\/978-3-319-05960-0_3"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Koppermann, P., Santis, F., Heyszl, J., and Sigl, G. (September, January 31). X25519 Hardware Implementation for Low-Latency Applications. Proceedings of the 2016 Euromicro Conference on Digital System Design (DSD), Limassol, Cyprus.","DOI":"10.1109\/DSD.2016.65"},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"491","DOI":"10.1016\/j.micpro.2017.07.001","article-title":"Low-latency X25519 hardware implementation: Breaking the 100 microseconds barrier","volume":"52","author":"Koppermann","year":"2017","journal-title":"Microprocess. Microsyst."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3312742","article-title":"Compact and Flexible FPGA Implementation of ED25519 and X25519","volume":"18","author":"Turan","year":"2019","journal-title":"ACM Trans. Embed. Comput. Syst."},{"key":"ref_14","unstructured":"Sch\u00fctze, T. (2011, January 1\u20133). Automotive security: Cryptography for car2x communication. Proceedings of the 2011 Embedded World Conference, N\u00fcrnberg, Germany."},{"key":"ref_15","unstructured":"Hankerson, D., and Vanstone, S. (2004). Guide to Elliptic Curve Cryptography, Springer. [1st ed.]."},{"key":"ref_16","unstructured":"Kornerup, P. (July, January 29). High-radix modular multiplication for cryptosystems. Proceedings of the IEEE Symposium on Computer Arithmetic, Windsor, ON, Canada."},{"key":"ref_17","unstructured":"Bunimov, V., and Schimmler, M. (2003, January 24\u201326). Area and Time Efficient Modular Multiplication of Large Integers. Proceedings of the IEEE International Conference on Application-Specific Systems, Architectures, and Processors (ASAP 2003), The Hague, The Netherlands."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"949","DOI":"10.1109\/12.156537","article-title":"A Radix-4 Modular Multiplication Hardware Algorithm for Modular Exponentiation","volume":"41","author":"Takagi","year":"1992","journal-title":"IEEE Trans. Comput."},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Nassar, M.A., and El-Sayed, L.A. (2015, January 17\u201320). Efficient Interleaved Modular Multiplication Based on Sign Detection. Proceedings of the 2015 IEEE\/ACS 12th International Conference of Computer Systems and Applications (AICCSA), Marrakech, Morocco.","DOI":"10.1109\/AICCSA.2015.7507088"},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Javeed, K., and Wang, X. (2014, January 2\u20134). Radix-4 and radix-8 booth encoded interleaved modular multipliers over general Fp. Proceedings of the 2014 24th International Conference on Field Programmable Logic and Applications (FPL), Munich, Germany.","DOI":"10.1109\/FPL.2014.6927452"},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Rahimzadeh, L., Eshghi, M., and Timarchi, S. (2014, January 20\u201322). Radix-4 implementation of redundant interleaved modular multiplication on FPGA. Proceedings of the 2014 22nd Iranian Conference on Electrical Engineering (ICEE), Tehran, Iran.","DOI":"10.1109\/IranianCEE.2014.6999599"},{"key":"ref_22","unstructured":"Kaliski, B.S., Koc, C.K., and Paar, C. (2003). The Montgomery Powering Ladder. International Workshop on Cryptographic Hardware and Embedded Systems, Springer."},{"key":"ref_23","unstructured":"Okeya, K., Miyazaki, K., and Sakurai, K. (2001). A Fast Scalar Multiplication Method with Randomized Projective Coordinates on a Montgomery-Form Elliptic curve Secure against Side Channel Attacks. International Conference on Information Security and Cryptology, Springer."}],"container-title":["Information"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2078-2489\/10\/9\/285\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T13:20:07Z","timestamp":1760188807000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2078-2489\/10\/9\/285"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,9,14]]},"references-count":23,"journal-issue":{"issue":"9","published-online":{"date-parts":[[2019,9]]}},"alternative-id":["info10090285"],"URL":"https:\/\/doi.org\/10.3390\/info10090285","relation":{},"ISSN":["2078-2489"],"issn-type":[{"value":"2078-2489","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019,9,14]]}}}