Elliptic curve cryptography is a widely deployed technology for securing digital communication. It is the basis of many cryptographic primitives such as key agreement protocols, digital signatures, and zero-knowledge proofs. Fast elliptic curve cryptography relies on heavily optimised modular arithmetic operations, which are often tailored to specific micro-architectures. In this article, we study and evaluate optimisations of the popular elliptic curve Curve25519 for ARM processors. We specifically target the ARM NEON single instruction, multiple data (SIMD) architecture, which is a popular architecture for modern smartphones. We introduce a novel representation for 128-bit NEON SIMD vectors, optimised for SIMD parallelisation, to accelerate elliptic curve operations significantly. Leveraging this representation, we implement an extended twisted Edwards curve Curve25519 back-end within the popular Rust library ācurve25519-dalekā. We extensively evaluate our implementation across multiple ARM devices using both cryptographic benchmarks and the benchmark suite available for the Signal protocol. Our findings demonstrate a substantial back-end speed-up of at least 20% for ARM NEON, along with a noteworthy speed improvement of at least 15% for benchmarked Signal functions.
De Smet, R, Blancquaert, R, Godden, T, Steenhaut, K & Braeken, A 2024, 'Armed with Faster Crypto: Optimizing Elliptic Curve Cryptography for ARM Processors', Sensors, vol. 24, no. 3, 1030. https://doi.org/10.3390/s24031030
De Smet, R., Blancquaert, R., Godden, T., Steenhaut, K., & Braeken, A. (2024). Armed with Faster Crypto: Optimizing Elliptic Curve Cryptography for ARM Processors. Sensors, 24(3), Article 1030. https://doi.org/10.3390/s24031030
@article{1b932a8cde3b4b719f1da0de5c4b6165,
title = "Armed with Faster Crypto: Optimizing Elliptic Curve Cryptography for ARM Processors",
abstract = "Elliptic curve cryptography is a widely deployed technology for securing digital communication. It is the basis of many cryptographic primitives such as key agreement protocols, digital signatures, and zero-knowledge proofs. Fast elliptic curve cryptography relies on heavily optimised modular arithmetic operations, which are often tailored to specific micro-architectures. In this article, we study and evaluate optimisations of the popular elliptic curve Curve25519 for ARM processors. We specifically target the ARM NEON single instruction, multiple data (SIMD) architecture, which is a popular architecture for modern smartphones. We introduce a novel representation for 128-bit NEON SIMD vectors, optimised for SIMD parallelisation, to accelerate elliptic curve operations significantly. Leveraging this representation, we implement an extended twisted Edwards curve Curve25519 back-end within the popular Rust library ācurve25519-dalekā. We extensively evaluate our implementation across multiple ARM devices using both cryptographic benchmarks and the benchmark suite available for the Signal protocol. Our findings demonstrate a substantial back-end speed-up of at least 20% for ARM NEON, along with a noteworthy speed improvement of at least 15% for benchmarked Signal functions.",
keywords = "extended twisted Edwards curve, Curve25519, single instruction, multiple data (SIMD), Rust, ARM NEON",
author = "{De Smet}, Ruben and Robrecht Blancquaert and Tom Godden and Kris Steenhaut and An Braeken",
note = "Funding Information: This work was in part supported by the Vlaio TETRA Project RustIEC (HBC.2021.0066). Publisher Copyright: {\textcopyright} 2024 by the authors.",
year = "2024",
month = feb,
day = "5",
doi = "10.3390/s24031030",
language = "English",
volume = "24",
journal = "Sensors",
issn = "1424-8220",
publisher = "Multidisciplinary Digital Publishing Institute (MDPI)",
number = "3",
}