/salty

25519 for Cortex-M4 microcontrollers

Primary LanguageRustApache License 2.0Apache-2.0

salty

Ed25519 signatures for microcontrollers

Crates.io version Download main branch API docs main branch book

Overview

Build Status

Small, sweet, swift: Ed25519 signatures for microcontrollers.
With assembly optimizations for Cortex-M4 and Cortex-M33.

NOTE: This is work-in-progress and not audited! The usual warnings apply: Your hamster will explode, etc. etc.

Work on salty is sponsored by

SoloKeys yamnord

Goals

From highest to lowest priority:

  • understandable code
  • timing side-channel free
  • design for easy integration in embedded projects
  • sufficiently small compiled code size
  • useful speed

The Plan

None of these releases exist quite yet.

v0.1.0

Basic signature functionality

v0.2.0

More tests!

  • fuzzing to test correctness against known good implementation
  • side-fuzzing to test for timing side-channels

v0.3.0

Completion! The rest of NaCl.

  • X22519
  • authenticated encryption

License

The scalar29 implementation is from curve25519-daleks's u32 backend: LICENSE.
Salty is licensed under either of Apache License, Version 2.0 or MIT License at your option.

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
TweetNaCl is a public-domain library.
fe25519 is licensed under Creative Commons Zero v1.0 Universal.