diff --git a/ChangeLog b/ChangeLog
index 3998f5d719a16cfc8edad572fa1f471ba8000613..9dfd044cfbeed51a50e14263b6869a4ee79a72b7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,13 @@
 2020-11-08 Niels Möller <nisse@lysator.liu.se>
+ * eddsa-sign.c (_eddsa_sign_itch): Update, since now point
+ multiplication needs less scratch than point compression.
+ * eddsa-pubkey.c (_eddsa_public_key_itch): Likewise.
+
+ * ecc-internal.h: Update *_ITCH macros for point multiplication
+ and signatures. They need slightly less scratch after optimization
+ of the point addition functions.
+
 * ecc-mul-m.c (ecc_mul_m): Reduce scratch need. (ecc_mul_m): Optimize swapping, with only a single mpn_cnd_swap per iteration.
diff --git a/ecc-ecdsa-sign.c b/ecc-ecdsa-sign.c
index e79a636a4f03f3c81ec7020c58ee0055907755fa..10e1de22437b9248cb082c9e7425ca52a615183d 100644
--- a/ecc-ecdsa-sign.c
+++ b/ecc-ecdsa-sign.c
@@ -47,7 +47,7 @@ mp_size_t
 ecc_ecdsa_sign_itch (const struct ecc_curve *ecc)
 {
 /* Needs 3*ecc->p.size + scratch for ecc->mul_g. Currently same for
- ecc_mul_g and ecc_mul_g_eh. */
+ ecc_mul_g. */
 return ECC_ECDSA_SIGN_ITCH (ecc->p.size);
 }
diff --git a/ecc-gostdsa-sign.c b/ecc-gostdsa-sign.c
index 351ce93ec597336576f29f8a5926bca5e8586f16..c924122ce97b3e91cabe0c02148108134426e742 100644
--- a/ecc-gostdsa-sign.c
+++ b/ecc-gostdsa-sign.c
@@ -46,7 +46,7 @@ mp_size_t
 ecc_gostdsa_sign_itch (const struct ecc_curve *ecc)
 {
 /* Needs 3*ecc->p.size + scratch for ecc->mul_g. Currently same for
- ecc_mul_g and ecc_mul_g_eh. */
+ ecc_mul_g. */
 return ECC_GOSTDSA_SIGN_ITCH (ecc->p.size);
 }
diff --git a/ecc-internal.h b/ecc-internal.h
index 39166f85ab6a233103ad46f5f78b68ca9d7f5576..b4dfad2e46fe121b3b74e97143eebbc34e73c874 100644
--- a/ecc-internal.h
+++ b/ecc-internal.h
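Review bot: In ecc-ecdsa-sign.c the rewritten comment in ecc_ecdsa_sign_itch now ends with "Currently same for ecc_mul_g.", which no longer says what is being compared, because the second function name was dropped. Stating the sum directly would read better, for example `/* Needs 3*ecc->p.size + scratch for ecc->mul_g (ECC_MUL_G_ITCH). */`. That wording matches the 11*(size) that ECC_ECDSA_SIGN_ITCH gets in ecc-internal.h, assuming mul_g here is always ecc_mul_g, which is inferred from the macro values rather than shown. The same leftover sentence is in ecc_gostdsa_sign_itch in ecc-gostdsa-sign.c.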
@@ -453,23 +453,23 @@ curve448_eh_to_x (mp_limb_t *xp, const mp_limb_t *p,
 #define ECC_ADD_EHH_ITCH(size) (4*(size))
 #define ECC_ADD_TH_ITCH(size) (4*(size))
 #define ECC_ADD_THH_ITCH(size) (4*(size))
-#define ECC_MUL_G_ITCH(size) (9*(size))
-#define ECC_MUL_G_EH_ITCH(size) (9*(size))
+#define ECC_MUL_G_ITCH(size) (8*(size))
+#define ECC_MUL_G_EH_ITCH(size) (7*(size))
 #if ECC_MUL_A_WBITS == 0
-#define ECC_MUL_A_ITCH(size) (12*(size))
+#define ECC_MUL_A_ITCH(size) (11*(size))
 #else
 #define ECC_MUL_A_ITCH(size) \
- (((3 << ECC_MUL_A_WBITS) + 11) * (size))
+ (((3 << ECC_MUL_A_WBITS) + 8) * (size))
 #endif
 #if ECC_MUL_A_EH_WBITS == 0
-#define ECC_MUL_A_EH_ITCH(size) (12*(size))
+#define ECC_MUL_A_EH_ITCH(size) (10*(size))
 #else
 #define ECC_MUL_A_EH_ITCH(size) \
- (((3 << ECC_MUL_A_EH_WBITS) + 10) * (size))
+ (((3 << ECC_MUL_A_EH_WBITS) + 7) * (size))
 #endif
 #define ECC_MUL_M_ITCH(size) (8*(size))
-#define ECC_ECDSA_SIGN_ITCH(size) (12*(size))
-#define ECC_GOSTDSA_SIGN_ITCH(size) (12*(size))
+#define ECC_ECDSA_SIGN_ITCH(size) (11*(size))
+#define ECC_GOSTDSA_SIGN_ITCH(size) (11*(size))
 #define ECC_MOD_RANDOM_ITCH(size) (size)
 #define ECC_HASH_ITCH(size) (1+(size))
diff --git a/ecc-mul-a-eh.c b/ecc-mul-a-eh.c
index b0aa269765a2ddf3ec3bdc05492d789d0b5f6bfc..1eb3efccbde1495df65e64621573ee1a12345f2d 100644
--- a/ecc-mul-a-eh.c
+++ b/ecc-mul-a-eh.c
@@ -39,7 +39,7 @@
 #include "ecc-internal.h"
 /* Binary algorithm needs 6*ecc->p.size + scratch for ecc_add_ehh,
- total 12 ecc->p.size
+ total 10 ecc->p.size
 Window algorithm needs (3<<w) * ecc->p.size for the table, 3*ecc->p.size for a temporary point, and scratch for
diff --git a/ecc-mul-g.c b/ecc-mul-g.c
index c4a1b5bbab1940dce8e5faac92cc6c086d00de9d..dcc7c3ea08d5cbf341279329dcd3eb14100f71fc 100644
--- a/ecc-mul-g.c
+++ b/ecc-mul-g.c
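Review bot: The reduced *_ITCH constants in ecc-internal.h are still bare literals, so nothing ties them to the scratch layout they must cover, and an undersized value would let the multiplication or signing code write past the scratch area its caller sized from the macro. Where this commit already writes the derivation down, the macro could carry it: the ecc-mul-a-eh.c comment gives 6*size plus the ecc_add_ehh scratch, so `#define ECC_MUL_A_EH_ITCH(size) (6*(size) + ECC_ADD_EHH_ITCH (size))`, and the ecc_ecdsa_sign_itch comment gives `#define ECC_ECDSA_SIGN_ITCH(size) (3*(size) + ECC_MUL_G_ITCH (size))`. Both evaluate to the new 10 and 11 and would follow automatically the next time the addition functions change. For ECC_MUL_A_ITCH (11, and + 8 in the window case) the page shows no derivation, so a one-line comment with the breakdown next to the macro would make the new value reviewable.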
@@ -45,7 +45,7 @@ ecc_mul_g (const struct ecc_curve *ecc, mp_limb_t *r, const mp_limb_t *np, mp_limb_t *scratch)
 {
 /* Scratch need determined by the ecc_add_jja call. Current total is
- 9 * ecc->p.size, at most 648 bytes. */
+ 8 * ecc->p.size, at most 576 bytes. */
 #define tp scratch
 #define scratch_out (scratch + 3*ecc->p.size)
diff --git a/eddsa-pubkey.c b/eddsa-pubkey.c
index 72726e567d98cfdcbc1081498ce9d8d9f66ab2a5..646d19547224bb83f64e56a167896dceba9e8168 100644
--- a/eddsa-pubkey.c
+++ b/eddsa-pubkey.c
@@ -43,8 +43,8 @@
 mp_size_t
 _eddsa_public_key_itch (const struct ecc_curve *ecc)
 {
- assert (_eddsa_compress_itch (ecc) <= ecc->mul_g_itch);
- return 3*ecc->p.size + ecc->mul_g_itch;
+ assert (ecc->mul_g_itch <= _eddsa_compress_itch (ecc));
+ return 3*ecc->p.size + _eddsa_compress_itch (ecc);
 }
 void
diff --git a/eddsa-sign.c b/eddsa-sign.c
index c1a23cd7221c699d5f8a5e262680b0462f8c1ae2..f5dda6f01bb213cb7d295f11a9f150e212876088 100644
--- a/eddsa-sign.c
+++ b/eddsa-sign.c
@@ -45,8 +45,8 @@
 mp_size_t
 _eddsa_sign_itch (const struct ecc_curve *ecc)
 {
- assert (ecc->mul_g_itch <= _eddsa_compress_itch (ecc));
- return 5*ecc->p.size + ecc->mul_g_itch;
+ assert (ecc->mul_g_itch <= _eddsa_compress_itch (ecc));
+ return 5*ecc->p.size + _eddsa_compress_itch (ecc);
 }
 void
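Review bot: In _eddsa_public_key_itch the returned scratch size is correct only while `ecc->mul_g_itch <= _eddsa_compress_itch (ecc)` holds, and that is enforced by an assert, which is compiled out when NDEBUG is defined. If a new curve or a later scratch change reverses the ordering again, a release build would return a size smaller than the ecc->mul_g call needs, and the caller would presumably allocate too little scratch for the key derivation. Taking the larger of the two removes the dependency on the ordering: `mp_size_t itch = _eddsa_compress_itch (ecc);`, `if (itch < ecc->mul_g_itch) itch = ecc->mul_g_itch;`, `return 3*ecc->p.size + itch;`. The same applies to _eddsa_sign_itch in eddsa-sign.c, with its 5*ecc->p.size term.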