EdDSA Curve25519 signature generation engine

EdDSA IP Core — When Safety and Security Meet the Best Size/Performance Ratio

The EdDSA Curve25519 extension adds hardware support for modern elliptic-curve cryptography inside DCD-SEMI’s configurable cryptographic co-processor. The implementation is based on Curve25519, a widely adopted 255-bit elliptic curve designed for efficient key exchange and digital signatures, with strong resistance to side-channel attacks and high performance in constrained embedded environments.

The solution enables support for X25519 key agreement and EdDSA25519 signature operations, using the Edwards-curve family and the prime field defined by Curve25519. It is widely used because it combines compact arithmetic, predictable execution flow, and efficient hardware mapping, making it well suited for secure SoC and FPGA-based systems.

Architecture

CryptOne is implemented as a dedicated IP core tailored to specific customer requirements rather than a general-purpose processor. The Curve25519 module is integrated into the existing CryptOne architecture through new hardware instructions, modular arithmetic accelerators, and control logic for scalar multiplication, modular reduction, and field operations over the Curve25519 prime field.

The design approach focuses on minimizing latency while improving area and energy efficiency. Special attention is given to modular multiplication, reduction modulo, and the removal of unnecessary branches and exceptional cases, which improves predictability and reduces potential attack surfaces in hardware implementations.

Security Properties

The Curve25519 implementation is designed with side-channel resilience in mind. Compared with traditional Weierstrass-based curves, Edwards-curve implementations are often preferred in secure hardware because they support more regular computation patterns and simpler arithmetic, which helps reduce timing leakage and other implementation risks.

The extension is aligned with current cryptographic standards and deployment trends, including RFC 7748 for X25519 and RFC 8032 for EdDSA. This makes it suitable for security-sensitive use cases where interoperability, robustness, and conformance to modern cryptographic guidance are required.

Verification Flow

Development includes algorithm modelling, HDL implementation, and full verification using automated test environments. The implementation is validated against RFC-compliant test vectors and exercised in simulation and FPGA environments to confirm functional correctness and parameter optimization before deployment.

The final result is a verified Curve25519-enabled CryptOne platform ready for secure digital systems in IoT, automotive, telecom, FinTech, cloud, and critical infrastructure applications.

• Supported Elliptic Curves
  • NIST SECP P-256 R1
  • NIST SECP P-384 R1
  • Koblitz SECP P-256 K1
  • Koblitz SECP P-384 K1
  • Brainpool P-256 R1
  • Brainpool P-384 R1
  • Brainpool P-512 R1
  • other/custom curves optional support
• Optional Side Channel Attacks countermeasures
• Input/Output EC point verification
• Fully synthesizable, synchronous design
• Highly configurable in terms of performance and
• resource consumption
• Minimum operation delay at 200 MHz:
  • Point multiplication:
    • EC256: 2.5 ms
    • EC384: 5.0 ms
  • ECDSA signature generation
    • EC256: 2.6 ms
    • EC384: 5.2 ms
  • ECDSA signature verification
    • EC256: 3.1 ms
    • EC384: 6.3 ms
  • Estimated resource usage
    • from 30k to 110k NAND gates

• Digital signature
• Data integrity
• Key derivation
• TLS/SSH/PGP IPsec communication

• HDL Source Code
• Testbench environment
  • Automatic Simulation macros
  • Tests with reference responses
• Synthesis scripts
• Technical documentation
• 12 months of technical support