Overview
Small, sweet, swift: Ed25519 signatures for microcontrollers.
With assembly optimizations for Cortex-M4 and Cortex-M33.
NOTE: This is work-in-progress and not audited! The usual warnings apply: Your hamster will explode, etc. etc.
Work on salty is sponsored by
Goals
From highest to lowest priority:
- understandable code
- timing side-channel free
- design for easy integration in embedded projects
- sufficiently small compiled code size
- useful speed
The Plan
None of these releases exist quite yet.
v0.1.0
Basic signature functionality
- allocation free API for signatures
- transcription of Ed25519 from TweetNaCl
- Bjoern Haase's field arithmetic optimizations
- use subtle
v0.2.0
More tests!
- fuzzing to test correctness against known good implementation
- side-fuzzing to test for timing side-channels
v0.3.0
Completion! The rest of NaCl.
- X22519
- authenticated encryption
License
The scalar29
implementation is from curve25519-daleks
's u32 backend: LICENSE.
Salty is licensed under either of Apache License, Version 2.0 or MIT License at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
TweetNaCl is a public-domain library.
fe25519 is licensed under Creative Commons Zero v1.0 Universal.