Skip to content

FPGA implementation of the Supersingular Isogeny Key Encapsulation


Notifications You must be signed in to change notification settings


Repository files navigation


This repository has an FPGA implementation of the NIST Round 2 proposal SIKE :

  • David Jao, Reza Azarderakhsh, Matthew Campagna, Craig Costello, Luca De Feo, Basil Hess, Amir Jalali, Brian Koziel, Brian LaMacchia, Patrick Longa, Michael Naehrig, Joost Renes, Vladimir Soukharev, David Urbanik, Geovandro Pereira. Supersingular Isogeny Key Encapsulation. April 17, 2019. Post-Quantum Cryptography - NIST Round 2 submission.

The design was made in hardware/software co-design. The main CPU was made exclusively for this design, together with the multiplier accumulator co-processor called Carmela. There are two Carmela versions, one with a 128 bits multiplier and another with a 256 bits multiplier. Because there are two Carmela versions, there are two versions of the system, sike_core_v256 and sike_core_v128.

More information in the paper:

All the code that was created for this design is in public domain. There are codes that have been used in this project, that have a different license, such as the ones in Xilinx project folders and the Keccak code.

All the Keccak VHDL code was obtained from:

And the SHA3/Keccak Python code was obtained from:

GHDL remarks

If you are going to use the GHDL to simulate this project, you have to change the file synth_double_ram.vhd. In the file there are two architectures : behavioral and vivado_behavioral. When performing GHDL simulations you have to comment "vivado_behavioral" and use the "behavioral", and when you use Vivado or ISE to synthesize, you use the "vivado_behavioral".


FPGA implementation of the Supersingular Isogeny Key Encapsulation








No releases published


No packages published