VAMPIRE

eBACS: ECRYPT Benchmarking of Cryptographic Systems


ECRYPT II
General information: Introduction eBASH eBASC eBAEAD eBATS SUPERCOP XBX Computers
How to submit new software: Tips hash stream aead dh kem encrypt sign
List of primitives measured: lwc sha3 hash stream lwc caesar aead dh kem encrypt sign
Measurements indexed by machine: lwc sha3 hash stream lwc caesar aead dh kem encrypt sign
List of subroutines: verify decode encode sort core hashblocks scalarmult

List of public-key signature systems measured

eBATS (ECRYPT Benchmarking of Asymmetric Systems) is a project to measure the performance of public-key systems. This page focuses on public-key signatures; it lists the public-key signature systems covered by SUPERCOP. The page then lists implementations of these systems.

There is a separate page that lists machines and, for each machine, the measurements of these systems.

Designers and implementors interested in submitting new signature systems and new implementations of existing signature systems should read the call for submissions.

Which signature systems are measured?

PrimitiveDescriptionDesigners
3icp 3-invertible cycle with minus and prefix Jintai Ding
Christopher Wolf
Bo-Yin Yang
bls Boneh–Lynn–Shacham: Pairing-based short signatures Michael Scott (Dublin City University)
bluegemss128
bluegemss192
bluegemss256
bluegemss128v2 BlueGeMSS128 (2020.04 version)
bluegemss192v2 BlueGeMSS192 (2020.04 version)
bluegemss256v2 BlueGeMSS256 (2020.04 version)
dilithium2 Dilithium, level 2 security parameters (NISTPQC round 3); was smaller round-2 level-2 Dilithium before supercop-20210125 Léo Ducas (CWI)
Eike Kiltz (Ruhr-Universität Bochum)
Tancrède Lepoint (Google)
Vadim Lyubashevsky (IBM Research)
Peter Schwabe (MPI Bochum)
Gregor Seiler (IBM Research)
Damien Stehlé (ENS de Lyon)
dilithium3 Dilithium, level 3 security parameters (NISTPQC round 3); was smaller round-2 level-3 Dilithium before supercop-20210125 Léo Ducas (CWI)
Eike Kiltz (Ruhr-Universität Bochum)
Tancrède Lepoint (Google)
Vadim Lyubashevsky (IBM Research)
Peter Schwabe (MPI Bochum)
Gregor Seiler (IBM Research)
Damien Stehlé (ENS de Lyon)
dilithium4 Dilithium, very high security parameters (NISTPQC round 2)
dilithium5 Dilithium, level 5 security parameters (NISTPQC round 3) Léo Ducas (CWI)
Eike Kiltz (Ruhr-Universität Bochum)
Tancrède Lepoint (Google)
Vadim Lyubashevsky (IBM Research)
Peter Schwabe (MPI Bochum)
Gregor Seiler (IBM Research)
Damien Stehlé (ENS de Lyon)
dilithium2aes Dilithium-AES, level 2 security parameters (NISTPQC round 3); was smaller round-2 level-2 Dilithium before supercop-20210125 Léo Ducas (CWI)
Eike Kiltz (Ruhr-Universität Bochum)
Tancrède Lepoint (Google)
Vadim Lyubashevsky (IBM Research)
Peter Schwabe (MPI Bochum)
Gregor Seiler (IBM Research)
Damien Stehlé (ENS de Lyon)
dilithium3aes Dilithium-AES, level 3 security parameters (NISTPQC round 3); was smaller round-2 level-3 Dilithium before supercop-20210125 Léo Ducas (CWI)
Eike Kiltz (Ruhr-Universität Bochum)
Tancrède Lepoint (Google)
Vadim Lyubashevsky (IBM Research)
Peter Schwabe (MPI Bochum)
Gregor Seiler (IBM Research)
Damien Stehlé (ENS de Lyon)
dilithium4aes Dilithium, very high security parameters (NISTPQC round 2)
dilithium5aes Dilithium-AES, level 5 security parameters (NISTPQC round 3) Léo Ducas (CWI)
Eike Kiltz (Ruhr-Universität Bochum)
Tancrède Lepoint (Google)
Vadim Lyubashevsky (IBM Research)
Peter Schwabe (MPI Bochum)
Gregor Seiler (IBM Research)
Damien Stehlé (ENS de Lyon)
donald512 DSA signatures using a 512-bit prime Example for eBATS
donald1024 DSA signatures using a 1024-bit prime Example for eBATS
donald2048 DSA signatures using a 2048-bit prime Example for eBATS
ecdonaldb163 ECDSA signatures using the standard NIST B-163 elliptic curve, a curve over a field of size 2^163 Example for eBATS
ecdonaldb233 ECDSA signatures using the standard NIST B-233 elliptic curve, a curve over a field of size 2^233 Example for eBATS
ecdonaldb283 ECDSA signatures using the standard NIST B-283 elliptic curve, a curve over a field of size 2^283 Example for eBATS
ecdonaldb409 ECDSA signatures using the standard NIST B-409 elliptic curve, a curve over a field of size 2^409 Example for eBATS
ecdonaldb571 ECDSA signatures using the standard NIST B-571 elliptic curve, a curve over a field of size 2^571 Example for eBATS
ecdonaldk163 ECDSA signatures using the standard NIST K-163 elliptic curve, a Koblitz curve over a field of size 2^163 Example for eBATS
ecdonaldk233 ECDSA signatures using the standard NIST K-233 elliptic curve, a Koblitz curve over a field of size 2^233 Example for eBATS
ecdonaldk283 ECDSA signatures using the standard NIST K-283 elliptic curve, a Koblitz curve over a field of size 2^283 Example for eBATS
ecdonaldk409 ECDSA signatures using the standard NIST K-409 elliptic curve, a Koblitz curve over a field of size 2^409 Example for eBATS
ecdonaldk571 ECDSA signatures using the standard NIST K-571 elliptic curve, a Koblitz curve over a field of size 2^571 Example for eBATS
ecdonaldp160 ECDSA signatures using the standard SECP160R1 elliptic curve, a curve modulo the prime 2^160-2^31-1 Example for eBATS
ecdonaldp192 ECDSA signatures using the standard NIST P-192 elliptic curve, a curve modulo the prime 2^192-2^64-1 Example for eBATS
ecdonaldp224 ECDSA signatures using the standard NIST P-224 elliptic curve, a curve modulo the prime 2^224-2^96+1 Example for eBATS
ecdonaldp256 ECDSA signatures using the standard NIST P-256 elliptic curve, a curve modulo the prime 2^256-2^224+2^192+2^96-1 Example for eBATS
ecdonaldp384 ECDSA signatures using the standard NIST P-384 elliptic curve, a curve modulo the prime 2^384-2^128-2^96+2^32-1 Example for eBATS
ecdonaldp521 ECDSA signatures using the standard NIST P-521 elliptic curve, a curve modulo the prime 2^521-1 Example for eBATS
ed25519 EdDSA signatures using Curve25519 Daniel J. Bernstein
Niels Duif
Tanja Lange
Peter Schwabe
Bo-Yin Yang
ed448goldilocks Ed448-Goldilocks sign and dh Mike Hamburg
edons128k08n72nu8l4mu3 An alternative Edon-S signature scheme proposal in Category 2. Conjectured security requires computational resources comparable to or greater than those required for finding collisions in SHA256 - Category 2 Danilo Gligoroski
edons128ref Reference proposal for signature scheme Edon-S128. Conjectured security requires computational resources comparable to or greater than those required for finding collisions in SHA256 - Category 2 Danilo Gligoroski
falcon1024dyn Falcon-1024 (LDL tree dynamically rebuilt) (NISTPQC round 2) Pierre-Alain Fouque
Jeffrey Hoffstein
Paul Kirchner
Vadim Lyubashevsky
Thomas Pornin
Thomas Prest
Thomas Ricosset
Gregor Seiler
William Whyte
Zhenfei Zhang
falcon1024tree Falcon-1024 (LDL tree computed at keygen time) (NISTPQC round 2) Pierre-Alain Fouque
Jeffrey Hoffstein
Paul Kirchner
Vadim Lyubashevsky
Thomas Pornin
Thomas Prest
Thomas Ricosset
Gregor Seiler
William Whyte
Zhenfei Zhang
falcon512dyn Falcon-512 (LDL tree dynamically rebuilt) (NISTPQC round 2) Pierre-Alain Fouque
Jeffrey Hoffstein
Paul Kirchner
Vadim Lyubashevsky
Thomas Pornin
Thomas Prest
Thomas Ricosset
Gregor Seiler
William Whyte
Zhenfei Zhang
falcon512tree Falcon-512 (LDL tree computed at keygen time) (NISTPQC round 2) Pierre-Alain Fouque
Jeffrey Hoffstein
Paul Kirchner
Vadim Lyubashevsky
Thomas Pornin
Thomas Prest
Thomas Ricosset
Gregor Seiler
William Whyte
Zhenfei Zhang
fslwe25 A signature function based on lattices, based on "Fiat-Shamir with aborts: Applications to lattices and factoring-based signatures" at Asiacrypt'09 from Vadim Lyubashevsky.
fslwe37 A signature function based on lattices, based on "Fiat-Shamir with aborts: Applications to lattices and factoring-based signatures" at Asiacrypt'09 from Vadim Lyubashevsky.
fslwe47 A signature function based on lattices, based on "Fiat-Shamir with aborts: Applications to lattices and factoring-based signatures" at Asiacrypt'09 from Vadim Lyubashevsky.
fslwe69 A signature function based on lattices, based on "Fiat-Shamir with aborts: Applications to lattices and factoring-based signatures" at Asiacrypt'09 from Vadim Lyubashevsky.
gemss128
gemss192
gemss256
gemss128v2 GeMSS128 (2020.04 version)
gemss192v2 GeMSS192 (2020.04 version)
gemss256v2 GeMSS256 (2020.04 version)
gravitysphincsl
gravitysphincsm
gravitysphincss
gui184
gui312
gui448
hector Hyperelliptic Curve with Two-Rank One: Signatures using a genus-2 hyperelliptic curve of 2-rank 1 over a field of size 2^113 Peter Birkner (Technische Universiteit Eindhoven)
Peter Schwabe (Technische Universiteit Eindhoven)
lattisigns512 Tim Güneysu
Vadim Lyubashevsky
Thomas Pöppelmann
luov863256 The LUOV signature scheme, with parameters for NIST security level 2. Ward Beullens
luov890351 The LUOV signature scheme, with parameters for NIST security level 4. Ward Beullens
luov4849242
luov6468330
luov8117404pc The LUOV signature scheme, with parameters for NIST security level 5. This version does a precomputation on the secret and private key. Ward Beullens
luov863256pc The LUOV signature scheme, with parameters for NIST security level 2. This version does a precomputation on the secret and private key. Ward Beullens
luov890351pc The LUOV signature scheme, with parameters for NIST security level 5. This version does a precomputation on the secret and private key. Ward Beullens
luov8086399
luov8117404 The LUOV signature scheme, with parameters for NIST security level 5. Ward Beullens
mqdss48
mqdss64
mqqsig160 mqqsig160 - 160-bit signatures based on Multivariate-Quadratic-Quasigroups Danilo Gligoroski (The Norwegian University of Science and Technology (NTNU), NORWAY)
Rune Steinsmo Ødegard (The Norwegian University of Science and Technology (NTNU), NORWAY)
Rune Erlend Jensen (The Norwegian University of Science and Technology (NTNU), NORWAY)
Ludovic Perret (Pierre and Marie Curie University - Paris, FRANCE)
Jean-Charles Fauge`re (Pierre and Marie Curie University - Paris, FRANCE)
Svein Johan Knapskog (The Norwegian University of Science and Technology (NTNU), NORWAY)
Smile Markovski (Ss Cyril and Methodius University - Skopje, MAKEDONIJA)

mqqsig192 mqqsig192 - 192-bit signatures based on Multivariate-Quadratic-Quasigroups Danilo Gligoroski (The Norwegian University of Science and Technology (NTNU), NORWAY)
Rune Steinsmo Ødegard (The Norwegian University of Science and Technology (NTNU), NORWAY)
Rune Erlend Jensen (The Norwegian University of Science and Technology (NTNU), NORWAY)
Ludovic Perret (Pierre and Marie Curie University - Paris, FRANCE)
Jean-Charles Fauge`re (Pierre and Marie Curie University - Paris, FRANCE)
Svein Johan Knapskog (The Norwegian University of Science and Technology (NTNU), NORWAY)
Smile Markovski (Ss Cyril and Methodius University - Skopje, MAKEDONIJA)

mqqsig224 mqqsig224 - 224-bit signatures based on Multivariate-Quadratic-Quasigroups Danilo Gligoroski (The Norwegian University of Science and Technology (NTNU), NORWAY)
Rune Steinsmo Ødegard (The Norwegian University of Science and Technology (NTNU), NORWAY)
Rune Erlend Jensen (The Norwegian University of Science and Technology (NTNU), NORWAY)
Ludovic Perret (Pierre and Marie Curie University - Paris, FRANCE)
Jean-Charles Fauge`re (Pierre and Marie Curie University - Paris, FRANCE)
Svein Johan Knapskog (The Norwegian University of Science and Technology (NTNU), NORWAY)
Smile Markovski (Ss Cyril and Methodius University - Skopje, MAKEDONIJA)

mqqsig256 mqqsig256 - 256-bit signatures based on Multivariate-Quadratic-Quasigroups Danilo Gligoroski (The Norwegian University of Science and Technology (NTNU), NORWAY)
Rune Steinsmo Ødegard (The Norwegian University of Science and Technology (NTNU), NORWAY)
Rune Erlend Jensen (The Norwegian University of Science and Technology (NTNU), NORWAY)
Ludovic Perret (Pierre and Marie Curie University - Paris, FRANCE)
Jean-Charles Fauge`re (Pierre and Marie Curie University - Paris, FRANCE)
Svein Johan Knapskog (The Norwegian University of Science and Technology (NTNU), NORWAY)
Smile Markovski (Ss Cyril and Methodius University - Skopje, MAKEDONIJA)

ntrumls401x Parameters N: 401, q: 2^18, p: 3. Estimated security: 112 bits Jeff Hoffstein
Jill Pipher
John M. Schanck
Joseph H. Silverman
William Whyte
ntrumls439x Parameters N: 439, q: 2^19, p: 3. Estimated security: 128 bits Jeff Hoffstein
Jill Pipher
John M. Schanck
Joseph H. Silverman
William Whyte
ntrumls593x Parameters N: 593, q: 2^19, p: 3. Estimated security: 192 bits Jeff Hoffstein
Jill Pipher
John M. Schanck
Joseph H. Silverman
William Whyte
ntrumls743x Parameters N: 743, q: 2^20, p: 3. Estimated security: 256 bits Jeff Hoffstein
Jill Pipher
John M. Schanck
Joseph H. Silverman
William Whyte
pass769
pass863
pflash1 C*- with a prefix over GF16 designed to match SFLASH Jintai Ding
Bo-Yin Yang
picnic2l1fs Melissa Chase (Microsoft Research)
David Derler (DFINITY)
Steven Goldfeder (Cornell Tech)
Jonathan Katz (University of Maryland)
Vladimir Kolesnikov (Georgia Tech)
Claudio Orlandi (Aarhus University)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Christian Rechberger (Graz University of Technology)
Daniel Slamanig (AIT Austrian Institute of Technology)
Xiao Wang (Northwestern University)
Greg Zaverucha (Microsoft Research)
picnic2l3fs Melissa Chase (Microsoft Research)
David Derler (DFINITY)
Steven Goldfeder (Cornell Tech)
Jonathan Katz (University of Maryland)
Vladimir Kolesnikov (Georgia Tech)
Claudio Orlandi (Aarhus University)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Christian Rechberger (Graz University of Technology)
Daniel Slamanig (AIT Austrian Institute of Technology)
Xiao Wang (Northwestern University)
Greg Zaverucha (Microsoft Research)
picnic2l5fs Melissa Chase (Microsoft Research)
David Derler (DFINITY)
Steven Goldfeder (Cornell Tech)
Jonathan Katz (University of Maryland)
Vladimir Kolesnikov (Georgia Tech)
Claudio Orlandi (Aarhus University)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Christian Rechberger (Graz University of Technology)
Daniel Slamanig (AIT Austrian Institute of Technology)
Xiao Wang (Northwestern University)
Greg Zaverucha (Microsoft Research)
picnic3l1 picnic3-L1 (2020.04 version) Melissa Chase (Microsoft Research)
David Derler (DFINITY)
Steven Goldfeder (Cornell Tech)
Daniel Kales (Graz University of Technology)
Jonathan Katz (University of Maryland)
Vladimir Kolesnikov (Georgia Tech)
Claudio Orlandi (Aarhus University)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Christian Rechberger (Graz University of Technology)
Daniel Slamanig (AIT Austrian Institute of Technology)
Xiao Wang (Northwestern University)
Greg Zaverucha (Microsoft Research)
picnic3l3 picnic3-L3 (2020.04 version) Melissa Chase (Microsoft Research)
David Derler (DFINITY)
Steven Goldfeder (Cornell Tech)
Daniel Kales (Graz University of Technology)
Jonathan Katz (University of Maryland)
Vladimir Kolesnikov (Georgia Tech)
Claudio Orlandi (Aarhus University)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Christian Rechberger (Graz University of Technology)
Daniel Slamanig (AIT Austrian Institute of Technology)
Xiao Wang (Northwestern University)
Greg Zaverucha (Microsoft Research)
picnic3l5 picnic3-L5 (2020.04 version) Melissa Chase (Microsoft Research)
David Derler (DFINITY)
Steven Goldfeder (Cornell Tech)
Daniel Kales (Graz University of Technology)
Jonathan Katz (University of Maryland)
Vladimir Kolesnikov (Georgia Tech)
Claudio Orlandi (Aarhus University)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Christian Rechberger (Graz University of Technology)
Daniel Slamanig (AIT Austrian Institute of Technology)
Xiao Wang (Northwestern University)
Greg Zaverucha (Microsoft Research)
picnicl1fs Melissa Chase (Microsoft Research)
David Derler (DFINITY)
Steven Goldfeder (Cornell Tech)
Daniel Kales (Graz University of Technology)
Jonathan Katz (University of Maryland)
Vladimir Kolesnikov (Georgia Tech)
Claudio Orlandi (Aarhus University)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Christian Rechberger (Graz University of Technology)
Daniel Slamanig (AIT Austrian Institute of Technology)
Xiao Wang (Northwestern University)
Greg Zaverucha (Microsoft Research)
picnicl1full Melissa Chase (Microsoft Research)
David Derler (DFINITY)
Steven Goldfeder (Cornell Tech)
Daniel Kales (Graz University of Technology)
Jonathan Katz (University of Maryland)
Vladimir Kolesnikov (Georgia Tech)
Claudio Orlandi (Aarhus University)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Christian Rechberger (Graz University of Technology)
Daniel Slamanig (AIT Austrian Institute of Technology)
Xiao Wang (Northwestern University)
Greg Zaverucha (Microsoft Research)
picnicl1ur Melissa Chase (Microsoft Research)
David Derler (DFINITY)
Steven Goldfeder (Cornell Tech)
Daniel Kales (Graz University of Technology)
Jonathan Katz (University of Maryland)
Vladimir Kolesnikov (Georgia Tech)
Claudio Orlandi (Aarhus University)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Christian Rechberger (Graz University of Technology)
Daniel Slamanig (AIT Austrian Institute of Technology)
Xiao Wang (Northwestern University)
Greg Zaverucha (Microsoft Research)
picnicl3fs Melissa Chase (Microsoft Research)
David Derler (DFINITY)
Steven Goldfeder (Cornell Tech)
Daniel Kales (Graz University of Technology)
Jonathan Katz (University of Maryland)
Vladimir Kolesnikov (Georgia Tech)
Claudio Orlandi (Aarhus University)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Christian Rechberger (Graz University of Technology)
Daniel Slamanig (AIT Austrian Institute of Technology)
Xiao Wang (Northwestern University)
Greg Zaverucha (Microsoft Research)
picnicl3full Melissa Chase (Microsoft Research)
David Derler (DFINITY)
Steven Goldfeder (Cornell Tech)
Daniel Kales (Graz University of Technology)
Jonathan Katz (University of Maryland)
Vladimir Kolesnikov (Georgia Tech)
Claudio Orlandi (Aarhus University)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Christian Rechberger (Graz University of Technology)
Daniel Slamanig (AIT Austrian Institute of Technology)
Xiao Wang (Northwestern University)
Greg Zaverucha (Microsoft Research)
picnicl3ur Melissa Chase (Microsoft Research)
David Derler (DFINITY)
Steven Goldfeder (Cornell Tech)
Daniel Kales (Graz University of Technology)
Jonathan Katz (University of Maryland)
Vladimir Kolesnikov (Georgia Tech)
Claudio Orlandi (Aarhus University)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Christian Rechberger (Graz University of Technology)
Daniel Slamanig (AIT Austrian Institute of Technology)
Xiao Wang (Northwestern University)
Greg Zaverucha (Microsoft Research)
picnicl5fs Melissa Chase (Microsoft Research)
David Derler (DFINITY)
Steven Goldfeder (Cornell Tech)
Daniel Kales (Graz University of Technology)
Jonathan Katz (University of Maryland)
Vladimir Kolesnikov (Georgia Tech)
Claudio Orlandi (Aarhus University)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Christian Rechberger (Graz University of Technology)
Daniel Slamanig (AIT Austrian Institute of Technology)
Xiao Wang (Northwestern University)
Greg Zaverucha (Microsoft Research)
picnicl5full Melissa Chase (Microsoft Research)
David Derler (DFINITY)
Steven Goldfeder (Cornell Tech)
Daniel Kales (Graz University of Technology)
Jonathan Katz (University of Maryland)
Vladimir Kolesnikov (Georgia Tech)
Claudio Orlandi (Aarhus University)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Christian Rechberger (Graz University of Technology)
Daniel Slamanig (AIT Austrian Institute of Technology)
Xiao Wang (Northwestern University)
Greg Zaverucha (Microsoft Research)
picnicl5ur Melissa Chase (Microsoft Research)
David Derler (DFINITY)
Steven Goldfeder (Cornell Tech)
Daniel Kales (Graz University of Technology)
Jonathan Katz (University of Maryland)
Vladimir Kolesnikov (Georgia Tech)
Claudio Orlandi (Aarhus University)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Christian Rechberger (Graz University of Technology)
Daniel Slamanig (AIT Austrian Institute of Technology)
Xiao Wang (Northwestern University)
Greg Zaverucha (Microsoft Research)
pqrsa15
qtesla1
qtesla128
qtesla192
qtesla256
qtesla1p
qtesla3f
qtesla3p
qtesla3s
rainbow Rainbow multivariate-quadratic signatures Jintai Ding (University of Cincinnati)
Dieter Schmidt (University of Cincinnati)
rainbow5640 Rainbow over GF31 (31,16,20,20) Jintai Ding
Bo-Yin Yang
rainbow6440 Rainbow over GF31 (31,26,20,20) Jintai Ding
Bo-Yin Yang
rainbow181212 Rainbow multivariate quadratic signature scheme wih parameter set (17, 12)(1, 12).
rainbow1a
rainbow1aclassic363232
rainbow1acompres363232
rainbow1acyclicc363232
rainbow1b
rainbow1c
rainbow3b
rainbow3c
rainbow3cclassic683248
rainbow3ccompres683248
rainbow3ccyclicc683248
rainbow4a
rainbow5c
rainbow5cclassic963664
rainbow5ccompres963664
rainbow5ccyclicc963664
rainbow6a
rainbow6b
rainbowbinary16242020 Rainbow over GF16 (16,24,20,20) Bo-Yin Yang
rainbowbinary256181212 Rainbow over GF256 (256,18,12,12) Bo-Yin Yang
redgemss128
redgemss192
redgemss256
redgemss128v2 RedGeMSS128 (2020.04 version)
redgemss192v2 RedGeMSS192 (2020.04 version)
redgemss256v2 RedGeMSS256 (2020.04 version)
ronald512 512-bit RSA signatures with message recovery Example for eBATS
ronald768 768-bit RSA signatures with message recovery Example for eBATS
ronald1024 1024-bit RSA signatures with message recovery Example for eBATS
ronald1536 1536-bit RSA signatures with message recovery Example for eBATS
ronald2048 2048-bit RSA signatures with message recovery Example for eBATS
ronald3072 3072-bit RSA signatures with message recovery Example for eBATS
ronald4096 4096-bit RSA signatures with message recovery Example for eBATS
rwb0fuz1024 1024-bit Rabin-Williams signatures with compression Adam Langley (Google)
sflashv2 SFLASHv2 multivariate-quadratic signatures Louis Goubin (Université de Versailles)
Nicolas Courtois (University College London)
Thomas Icart (École Polytechnique)
sphincs256 Daniel J. Bernstein1
Daira Hopwood
Andreas Hülsing
Tanja Lange
Ruben Niederhagen
Louiza Papachristodoulou
Peter Schwabe
Zooko Wilcox O'Hearn
sphincsf128harakarobust SPHINCS+-Haraka-128f-robust (NISTPQC round 2)
sphincsf128harakasimple SPHINCS+-Haraka-128f-simple (NISTPQC round 2)
sphincsf128sha256robust SPHINCS+-SHA-256-128f-robust (NISTPQC round 2)
sphincsf128sha256simple SPHINCS+-SHA-256-128f-simple (NISTPQC round 2)
sphincsf128shake256robust SPHINCS+-SHAKE256-128f-robust (NISTPQC round 2)
sphincsf128shake256simple SPHINCS+-SHAKE256-128f-simple (NISTPQC round 2)
sphincsf192harakarobust SPHINCS+-Haraka-192f-robust (NISTPQC round 2)
sphincsf192harakasimple SPHINCS+-Haraka-192f-simple (NISTPQC round 2)
sphincsf192sha256robust SPHINCS+-SHA-256-192f-robust (NISTPQC round 2)
sphincsf192sha256simple SPHINCS+-SHA-256-192f-simple (NISTPQC round 2)
sphincsf192shake256robust SPHINCS+-SHAKE256-192f-robust (NISTPQC round 2)
sphincsf192shake256simple SPHINCS+-SHAKE256-192f-simple (NISTPQC round 2)
sphincsf256harakarobust SPHINCS+-Haraka-256f-robust (NISTPQC round 2)
sphincsf256harakasimple SPHINCS+-Haraka-256f-simple (NISTPQC round 2)
sphincsf256sha256robust SPHINCS+-SHA-256-256f-robust (NISTPQC round 2)
sphincsf256sha256simple SPHINCS+-SHA-256-256f-simple (NISTPQC round 2)
sphincsf256shake256robust SPHINCS+-SHAKE256-256f-robust (NISTPQC round 2)
sphincsf256shake256simple SPHINCS+-SHAKE256-256f-simple (NISTPQC round 2)
sphincss128harakarobust SPHINCS+-Haraka-128s-robust (NISTPQC round 2)
sphincss128harakasimple SPHINCS+-Haraka-128s-simple (NISTPQC round 2)
sphincss128sha256robust SPHINCS+-SHA-256-128s-robust (NISTPQC round 2)
sphincss128sha256simple SPHINCS+-SHA-256-128s-simple (NISTPQC round 2)
sphincss128shake256robust SPHINCS+-SHAKE256-128s-robust (NISTPQC round 2)
sphincss128shake256simple SPHINCS+-SHAKE256-128s-simple (NISTPQC round 2)
sphincss192harakarobust SPHINCS+-Haraka-192s-robust (NISTPQC round 2)
sphincss192harakasimple SPHINCS+-Haraka-192s-simple (NISTPQC round 2)
sphincss192sha256robust SPHINCS+-SHA-256-192s-robust (NISTPQC round 2)
sphincss192sha256simple SPHINCS+-SHA-256-192s-simple (NISTPQC round 2)
sphincss192shake256robust SPHINCS+-SHAKE256-192s-robust (NISTPQC round 2)
sphincss192shake256simple SPHINCS+-SHAKE256-192s-simple (NISTPQC round 2)
sphincss256harakarobust SPHINCS+-Haraka-256s-robust (NISTPQC round 2)
sphincss256harakasimple SPHINCS+-Haraka-256s-simple (NISTPQC round 2)
sphincss256sha256robust SPHINCS+-SHA-256-256s-robust (NISTPQC round 2)
sphincss256sha256simple SPHINCS+-SHA-256-256s-simple (NISTPQC round 2)
sphincss256shake256robust SPHINCS+-SHAKE256-256s-robust (NISTPQC round 2)
sphincss256shake256simple SPHINCS+-SHAKE256-256s-simple (NISTPQC round 2)
tts6440 Rainbow over GF16 Bo-Yin Yang

Implementations

PrimitiveImplementationAuthors
3icpref Frost Yu-Shuang Li
Tien-Ren Chen
Ming-Shing Chen
blsref Michael Scott, Dublin City University
bluegemss128opt
bluegemss128ref
bluegemss128skylake
bluegemss192opt
bluegemss192ref
bluegemss192skylake
bluegemss256opt
bluegemss256ref
bluegemss256skylake
bluegemss128v2opt
bluegemss128v2ref
bluegemss128v2skylake
bluegemss192v2opt
bluegemss192v2ref
bluegemss192v2skylake
bluegemss256v2opt
bluegemss256v2ref
bluegemss256v2skylake
dilithium2avx2
dilithium2ref
dilithium3avx2
dilithium3ref
dilithium5avx2
dilithium5ref
dilithium2aesavx2
dilithium2aesref
dilithium3aesavx2
dilithium3aesref
dilithium5aesavx2
dilithium5aesref
donald512openssl Daniel J. Bernstein (wrapper around OpenSSL)
donald512opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
donald1024openssl Daniel J. Bernstein (wrapper around OpenSSL)
donald1024opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
donald2048cryptopp Wei Dai (wrapper around Crypto++)
donald2048openssl Daniel J. Bernstein (wrapper around OpenSSL)
donald2048opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldb163openssl Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldb163opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldb233openssl Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldb233opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldb283openssl Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldb283opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldb409openssl Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldb409opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldb571openssl Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldb571opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldk163openssl Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldk163opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldk233openssl Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldk233opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldk283openssl Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldk283opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldk409openssl Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldk409opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldk571openssl Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldk571opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldp160openssl Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldp160opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldp192openssl Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldp192opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldp224openssl Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldp224opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldp256openssl Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldp256opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldp384openssl Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldp384opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldp521openssl Daniel J. Bernstein (wrapper around OpenSSL)
ecdonaldp521opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ed25519amd64-51-30k Daniel J. Bernstein
Niels Duif
Tanja Lange
lead: Peter Schwabe
Bo-Yin Yang
ed25519amd64-64-24k Daniel J. Bernstein
Niels Duif
Tanja Lange
lead: Peter Schwabe
Bo-Yin Yang
ed25519ref Daniel J. Bernstein
Niels Duif
Tanja Lange
lead: Peter Schwabe
Bo-Yin Yang
ed25519ref10
ed448goldilocks32
ed448goldilocks64
ed448goldilocksamd64
ed448goldilocksarm32
ed448goldilocksneon
edons128k08n72nu8l4mu3ref Danilo Gligoroski
edons128refref Danilo Gligoroski
falcon1024dynavx2 Thomas Pornin
falcon1024dynfpu Thomas Pornin
falcon1024dynref Thomas Pornin
falcon1024treeavx2 Thomas Pornin
falcon1024treefpu Thomas Pornin
falcon1024treeref Thomas Pornin
falcon512dynavx2 Thomas Pornin
falcon512dynfpu Thomas Pornin
falcon512dynref Thomas Pornin
falcon512treeavx2 Thomas Pornin
falcon512treefpu Thomas Pornin
falcon512treeref Thomas Pornin
fslwe25ref
fslwe37ref
fslwe47ref
fslwe69ref
gemss128opt
gemss128ref
gemss128skylake
gemss192opt
gemss192ref
gemss192skylake
gemss256opt
gemss256ref
gemss256skylake
gemss128v2opt
gemss128v2ref
gemss128v2skylake
gemss192v2opt
gemss192v2ref
gemss192v2skylake
gemss256v2opt
gemss256v2ref
gemss256v2skylake
gravitysphincslfast
gravitysphincslref
gravitysphincsmfast
gravitysphincsmref
gravitysphincssfast
gravitysphincssref
gui184amd64
gui184pclmulqdq
gui184ref
gui312amd64
gui312pclmulqdq
gui312ref
gui448amd64
gui448pclmulqdq
gui448ref
hectorref Peter Birkner, Technische Universiteit Eindhoven
Peter Schwabe, Technische Universiteit Eindhoven
lattisigns512avx Tim Güneysu
Tobias Oder
Thomas Pöppelmann
Peter Schwabe
luov863256avx2 Ward Beullens
luov863256portable
luov863256ref
luov890351avx2 Ward Beullens
luov890351portable
luov890351ref
luov4849242portable
luov4849242ref
luov6468330portable
luov6468330ref
luov8117404pcavx2 Ward Beullens
luov863256pcavx2 Ward Beullens
luov890351pcavx2 Ward Beullens
luov8086399portable
luov8086399ref
luov8117404avx2 Ward Beullens
luov8117404portable
luov8117404ref
mqdss48avx2
mqdss48ref
mqdss64avx2
mqdss64ref
mqqsig160sse Rune Erlend Jensen
Danilo Gligoroski

mqqsig192ref Rune Erlend Jensen
Danilo Gligoroski

mqqsig224ref Rune Erlend Jensen
Danilo Gligoroski

mqqsig256ref Rune Erlend Jensen
Danilo Gligoroski

ntrumls401xref John M. Schanck
ntrumls439xref John M. Schanck
ntrumls593xref John M. Schanck
ntrumls743xref John M. Schanck
pass769ref-karatsuba
pass863ref-karatsuba
pflash1ref Chia-Hsin Owen Chen
Ming-Shing Chen
picnic2l1fsoptimizedct/avx2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic2l1fsoptimizedct/c David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic2l1fsoptimizedct/neon David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic2l1fsoptimizedct/sse2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic2l1fsref Greg Zaverucha (Microsoft Research)
picnic2l3fsoptimizedct/avx2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic2l3fsoptimizedct/c David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic2l3fsoptimizedct/neon David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic2l3fsoptimizedct/sse2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic2l3fsref Greg Zaverucha (Microsoft Research)
picnic2l5fsoptimizedct/avx2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic2l5fsoptimizedct/c David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic2l5fsoptimizedct/neon David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic2l5fsoptimizedct/sse2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic2l5fsref Greg Zaverucha (Microsoft Research)
picnic3l1optimizedct/avx2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic3l1optimizedct/c David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic3l1optimizedct/neon David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic3l1optimizedct/sse2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic3l1ref Greg Zaverucha (Microsoft Research)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Daniel Kales (Graz University of Technology)
Steven Goldfeder (Princeton University)
picnic3l3optimizedct/avx2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic3l3optimizedct/c David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic3l3optimizedct/neon David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic3l3optimizedct/sse2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic3l3ref Greg Zaverucha (Microsoft Research)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Daniel Kales (Graz University of Technology)
Steven Goldfeder (Princeton University)
picnic3l5optimizedct/avx2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic3l5optimizedct/c David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic3l5optimizedct/neon David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic3l5optimizedct/sse2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnic3l5ref Greg Zaverucha (Microsoft Research)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Daniel Kales (Graz University of Technology)
Steven Goldfeder (Princeton University)
picnicl1fsoptimizedct/avx2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl1fsoptimizedct/c David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl1fsoptimizedct/neon David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl1fsoptimizedct/sse2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl1fsref Greg Zaverucha (Microsoft Research)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Daniel Kales (Graz University of Technology)
Steven Goldfeder (Princeton University)
picnicl1fulloptimizedct/avx2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl1fulloptimizedct/c David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl1fulloptimizedct/neon David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl1fulloptimizedct/sse2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl1fullref Greg Zaverucha (Microsoft Research)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Daniel Kales (Graz University of Technology)
Steven Goldfeder (Princeton University)
picnicl1uroptimizedct/avx2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl1uroptimizedct/c David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl1uroptimizedct/neon David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl1uroptimizedct/sse2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl1urref Greg Zaverucha (Microsoft Research)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Daniel Kales (Graz University of Technology)
Steven Goldfeder (Princeton University)
picnicl3fsoptimizedct/avx2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl3fsoptimizedct/c David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl3fsoptimizedct/neon David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl3fsoptimizedct/sse2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl3fsref Greg Zaverucha (Microsoft Research)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Daniel Kales (Graz University of Technology)
Steven Goldfeder (Princeton University)
picnicl3fulloptimizedct/avx2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl3fulloptimizedct/c David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl3fulloptimizedct/neon David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl3fulloptimizedct/sse2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl3fullref Greg Zaverucha (Microsoft Research)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Daniel Kales (Graz University of Technology)
Steven Goldfeder (Princeton University)
picnicl3uroptimizedct/avx2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl3uroptimizedct/c David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl3uroptimizedct/neon David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl3uroptimizedct/sse2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl3urref Greg Zaverucha (Microsoft Research)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Daniel Kales (Graz University of Technology)
Steven Goldfeder (Princeton University)
picnicl5fsoptimizedct/avx2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl5fsoptimizedct/c David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl5fsoptimizedct/neon David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl5fsoptimizedct/sse2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl5fsref Greg Zaverucha (Microsoft Research)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Daniel Kales (Graz University of Technology)
Steven Goldfeder (Princeton University)
picnicl5fulloptimizedct/avx2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl5fulloptimizedct/c David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl5fulloptimizedct/neon David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl5fulloptimizedct/sse2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl5fullref Greg Zaverucha (Microsoft Research)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Daniel Kales (Graz University of Technology)
Steven Goldfeder (Princeton University)
picnicl5uroptimizedct/avx2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl5uroptimizedct/c David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl5uroptimizedct/neon David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl5uroptimizedct/sse2 David Derler (Graz University of Technology)
Alexander Grass (Graz University of Technology)
Daniel Kales (Graz University of Technology)
Angela Promitzer
Sebastian Ramacher (AIT Austrian Institute of Technology)
picnicl5urref Greg Zaverucha (Microsoft Research)
Sebastian Ramacher (AIT Austrian Institute of Technology)
Daniel Kales (Graz University of Technology)
Steven Goldfeder (Princeton University)
pqrsa15ref
qtesla1ref
qtesla128ref
qtesla192ref
qtesla256ref
qtesla1pref
qtesla3fref
qtesla3pref
qtesla3sref
rainbowref Jintai Ding, University of Cincinnati
Dieter Schmidt, University of Cincinnati
rainbow5640ref Anna Inn-Tung Chen
Tien-Ren Chen
Ming-Shing Chen
rainbow6440ref Anna Inn-Tung Chen
Tien-Ren Chen
Ming-Shing Chen
rainbow181212ref
rainbow1aavx2
rainbow1aportable
rainbow1aref
rainbow1aclassic363232amd64
rainbow1aclassic363232avx2
rainbow1aclassic363232ref
rainbow1aclassic363232ssse3
rainbow1acompres363232amd64
rainbow1acompres363232avx2
rainbow1acompres363232ref
rainbow1acompres363232ssse3
rainbow1acyclicc363232amd64
rainbow1acyclicc363232avx2
rainbow1acyclicc363232ref
rainbow1acyclicc363232ssse3
rainbow1bavx2
rainbow1bportable
rainbow1bref
rainbow1cavx2
rainbow1cportable
rainbow1cref
rainbow3bavx2
rainbow3bportable
rainbow3bref
rainbow3cavx2
rainbow3cportable
rainbow3cref
rainbow3cclassic683248amd64
rainbow3cclassic683248avx2
rainbow3cclassic683248ref
rainbow3cclassic683248ssse3
rainbow3ccompres683248amd64
rainbow3ccompres683248avx2
rainbow3ccompres683248ref
rainbow3ccompres683248ssse3
rainbow3ccyclicc683248amd64
rainbow3ccyclicc683248avx2
rainbow3ccyclicc683248ref
rainbow3ccyclicc683248ssse3
rainbow4aavx2
rainbow4aportable
rainbow4aref
rainbow5cavx2
rainbow5cportable
rainbow5cref
rainbow5cclassic963664amd64
rainbow5cclassic963664avx2
rainbow5cclassic963664ref
rainbow5cclassic963664ssse3
rainbow5ccompres963664amd64
rainbow5ccompres963664avx2
rainbow5ccompres963664ref
rainbow5ccompres963664ssse3
rainbow5ccyclicc963664amd64
rainbow5ccyclicc963664avx2
rainbow5ccyclicc963664ref
rainbow5ccyclicc963664ssse3
rainbow6aavx2
rainbow6aportable
rainbow6aref
rainbow6bavx2
rainbow6bportable
rainbow6bref
rainbowbinary16242020ref Ming-Shing Chen
rainbowbinary256181212ref Ming-Shing Chen
redgemss128opt
redgemss128ref
redgemss128skylake
redgemss192opt
redgemss192ref
redgemss192skylake
redgemss256opt
redgemss256ref
redgemss256skylake
redgemss128v2opt
redgemss128v2ref
redgemss128v2skylake
redgemss192v2opt
redgemss192v2ref
redgemss192v2skylake
redgemss256v2opt
redgemss256v2ref
redgemss256v2skylake
ronald512openssl Daniel J. Bernstein (wrapper around OpenSSL)
ronald512opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ronald768openssl Daniel J. Bernstein (wrapper around OpenSSL)
ronald768opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ronald1024openssl Daniel J. Bernstein (wrapper around OpenSSL)
ronald1024opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ronald1536openssl Daniel J. Bernstein (wrapper around OpenSSL)
ronald1536opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ronald2048openssl Daniel J. Bernstein (wrapper around OpenSSL)
ronald2048opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ronald3072openssl Daniel J. Bernstein (wrapper around OpenSSL)
ronald3072opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
ronald4096openssl Daniel J. Bernstein (wrapper around OpenSSL)
ronald4096opensslnew Daniel J. Bernstein (wrapper around OpenSSL)
rwb0fuz1024gmp Adam Langley
sflashv2ref Louis Goubin, Université de Versailles
Nicolas Courtois, University College London
Thomas Icart, École Polytechnique
sphincs256avx2 Daniel J. Bernstein1
Daira Hopwood
Andreas Hülsing
Tanja Lange
Ruben Niederhagen
Louiza Papachristodoulou
Peter Schwabe
Zooko Wilcox O'Hearn
sphincs256ref Daniel J. Bernstein1
Daira Hopwood
Andreas Hülsing
Tanja Lange
Ruben Niederhagen
Louiza Papachristodoulou
Peter Schwabe
Zooko Wilcox O'Hearn
sphincsf128harakarobustaesni
sphincsf128harakarobustref
sphincsf128harakasimpleaesni
sphincsf128harakasimpleref
sphincsf128sha256robustavx2
sphincsf128sha256robustref
sphincsf128sha256simpleavx2
sphincsf128sha256simpleref
sphincsf128shake256robustavx2
sphincsf128shake256robustref
sphincsf128shake256simpleavx2
sphincsf128shake256simpleref
sphincsf192harakarobustaesni
sphincsf192harakarobustref
sphincsf192harakasimpleaesni
sphincsf192harakasimpleref
sphincsf192sha256robustavx2
sphincsf192sha256robustref
sphincsf192sha256simpleavx2
sphincsf192sha256simpleref
sphincsf192shake256robustavx2
sphincsf192shake256robustref
sphincsf192shake256simpleavx2
sphincsf192shake256simpleref
sphincsf256harakarobustaesni
sphincsf256harakarobustref
sphincsf256harakasimpleaesni
sphincsf256harakasimpleref
sphincsf256sha256robustavx2
sphincsf256sha256robustref
sphincsf256sha256simpleavx2
sphincsf256sha256simpleref
sphincsf256shake256robustavx2
sphincsf256shake256robustref
sphincsf256shake256simpleavx2
sphincsf256shake256simpleref
sphincss128harakarobustaesni
sphincss128harakarobustref
sphincss128harakasimpleaesni
sphincss128harakasimpleref
sphincss128sha256robustavx2
sphincss128sha256robustref
sphincss128sha256simpleavx2
sphincss128sha256simpleref
sphincss128shake256robustavx2
sphincss128shake256robustref
sphincss128shake256simpleavx2
sphincss128shake256simpleref
sphincss192harakarobustaesni
sphincss192harakarobustref
sphincss192harakasimpleaesni
sphincss192harakasimpleref
sphincss192sha256robustavx2
sphincss192sha256robustref
sphincss192sha256simpleavx2
sphincss192sha256simpleref
sphincss192shake256robustavx2
sphincss192shake256robustref
sphincss192shake256simpleavx2
sphincss192shake256simpleref
sphincss256harakarobustaesni
sphincss256harakarobustref
sphincss256harakasimpleaesni
sphincss256harakasimpleref
sphincss256sha256robustavx2
sphincss256sha256robustref
sphincss256sha256simpleavx2
sphincss256sha256simpleref
sphincss256shake256robustavx2
sphincss256shake256robustref
sphincss256shake256simpleavx2
sphincss256shake256simpleref
tts6440ref Tien-Ren Chen
Ming-Shing Chen

Version

This is version 2021.05.07 of the primitives-sign.html web page. This web page is in the public domain.