Mamy André-Ratsimbazafy
6de97b5d1e
Random init was producing invalid montgomery form for field elements
2020-02-26 10:28:54 +01:00
Mamy André-Ratsimbazafy
945d36c2f2
More Fp2 sanity checks
2020-02-26 01:46:11 +01:00
Mamy André-Ratsimbazafy
ff98558c4b
Fix carry bug in sum/diff
2020-02-26 01:31:05 +01:00
Mamy André-Ratsimbazafy
c621355d8d
Add new tests to track issue in the new sum/diff
2020-02-26 01:23:18 +01:00
Mamy André-Ratsimbazafy
5fab0b6c49
Add secp256k1 and add sanity checks on Fp2
2020-02-26 00:55:30 +01:00
Mamy André-Ratsimbazafy
e2096297cf
Expose the equality proc beyond the debugConstantine flag
2020-02-26 00:08:57 +01:00
Mamy André-Ratsimbazafy
9f7c8515a4
Prepare RNG with 2^512 bit of state for random testing on Fp2
2020-02-25 23:52:56 +01:00
Mamy André-Ratsimbazafy
c956c82165
cleanup test imports
2020-02-25 20:55:23 +01:00
Mamy André-Ratsimbazafy
2df0f311ff
Cleanup TODOs + squaring in the Montgomery domain doesn't present the same symmetries as schoolbook multiplication so remove comment. Otherwise this may apply https://www.intel.com/content/dam/www/public/us/en/documents/white-papers/large-integer-squaring-ia-paper.pdf
2020-02-25 20:12:38 +01:00
Mamy André-Ratsimbazafy
69d477a715
Fp2 multiplication
2020-02-25 16:35:55 +01:00
Mamy André-Ratsimbazafy
320ecbff1a
Change square signature and reorg finite fields to avoid/highlight procs that allocate a temporary
2020-02-25 15:18:39 +01:00
Mamy André-Ratsimbazafy
abaafa816e
Fix warnings
2020-02-25 14:32:54 +01:00
Mamy André-Ratsimbazafy
e6c7b3e52a
add Abelian Group concept
2020-02-25 14:10:59 +01:00
Mamy André-Ratsimbazafy
2aa33ea226
Fused initialization and arithmetic finite field primitive to have Fp2 less verbose and more efficient
2020-02-25 11:00:27 +01:00
Mamy André-Ratsimbazafy
2aec16d8d8
introduce unconditional add/sub and fused initialization+operation sum/diff
2020-02-25 03:11:32 +01:00
Mamy André-Ratsimbazafy
ddce056bb4
make bench compile
2020-02-25 03:07:42 +01:00
Mamy André-Ratsimbazafy
bb8dc579ea
conditional arithmetic prefixed with c: cadd, csub. Also use ccopy instead of cmov to avoid potential confusion like in https://github.com/cfrg/draft-irtf-cfrg-hash-to-curve/issues/210
2020-02-25 01:26:21 +01:00
Mamy André-Ratsimbazafy
5b53ad9cf3
Add references for finite fields and tower of finite fields arithmetic
2020-02-25 01:16:10 +01:00
Mamy André-Ratsimbazafy
78dee73648
Fp: setZero, setOne, double, in-place mul, Fp2: square
2020-02-24 20:39:36 +01:00
Mamy André-Ratsimbazafy
6b05c69652
Rename Fq -> Fp
2020-02-24 17:10:09 +01:00
Mamy Ratsimbazafy
3bd70991d4
reorg the codebase + add/update READMEs in folders with research ( #12 )
* reorg the codebase + add/update READMEs in folders with research
* fix readme
* update pairing implementation papers
* Separate hash-to-curve in its own folder, distinguish between norms, research and presentations
* Better markdown line breaks
* Add in-depth analysis of towers of extension fields for BN curve
* Fix Colm Ó hÉigeartaigh name and add Hash-to-Curve reference
2020-02-24 10:50:19 +01:00
Mamy André-Ratsimbazafy
d83101153a
Cosmetic changes: remove debug import strutils, BigInt.dec "returns" is now a doc comment, remove redundant setting the internal bitlength for modular multiplication
2020-02-23 21:49:51 +01:00
Mamy Ratsimbazafy
80f822c227
Set up CI with Azure Pipelines ( #13 )
* Set up CI with Azure Pipelines
[skip ci]
* Add task for testing without GMP
* Add C++ testing + no GMP on windows
* Add the Nim wrapper for GMP to Azure build
* Add Azure badge
* Fix nimble test tasks
* Workaround windows path in Azure
* Fix nim binaries path and mingw on 32-bit
* add stew test dependency
* Fix nim/nimble path
* disable GMP tests on windows
2020-02-23 18:27:26 +01:00
Mamy Ratsimbazafy
acbb0f57f7
Travis CI ( #14 )
* add Travis config for x86_64 and ARM64
* Add Travis badge
* add stew test dependency
* comment out unused 64-bit word extended precision arithmetic for ARM CI
2020-02-23 17:56:43 +01:00
Mamy André-Ratsimbazafy
5f91751328
remove leftover debugEcho
2020-02-23 17:12:41 +01:00
Mamy André-Ratsimbazafy
05009f9407
Fix mux comment and link
2020-02-23 02:23:19 +01:00
Mamy André-Ratsimbazafy
dc46e86490
Create a specialized montgomery modular square function
2020-02-23 01:43:42 +01:00
Mamy André-Ratsimbazafy
c807707ee4
Add research on pairing curve implementations
2020-02-23 01:17:39 +01:00
Mamy André-Ratsimbazafy
68727e5c8d
Add modular inversion + test vs GMP
2020-02-22 19:50:24 +01:00
Mamy André-Ratsimbazafy
8cbbd40a0c
Add benchmark of constant-time vs unsafe powmod
2020-02-22 18:39:29 +01:00
Mamy André-Ratsimbazafy
acfc99c4f0
Add an unsafe modular exponentiation that may leak exponent bits to timing attacks/oscilloscopes/memory cache attacks
2020-02-22 18:18:17 +01:00
Mamy André-Ratsimbazafy
e0f4e49cb5
Test modular exponentiation with BN254 and BLS12-381 moduli
2020-02-22 16:56:04 +01:00
Mamy André-Ratsimbazafy
24f2e1088e
Fix modular exp tests
2020-02-22 16:39:57 +01:00
Mamy André-Ratsimbazafy
4b65d0d723
Skeleton of modular exponentiation
2020-02-22 16:37:31 +01:00
Mamy André-Ratsimbazafy
236047767f
move mask to common
2020-02-18 13:01:14 +01:00
Mamy André-Ratsimbazafy
ef5dd8345b
Allow compile-time bigint serialization + terminology: serialize -> export
2020-02-18 12:36:42 +01:00
Mamy André-Ratsimbazafy
9395febada
add octet string encode/decode (bigEndian raw int)
2020-02-18 11:54:36 +01:00
Mamy André-Ratsimbazafy
d7d20c50b6
Add primitive for window-based modular exponentiation
2020-02-17 00:13:42 +01:00
Mamy André-Ratsimbazafy
285b6aad1a
Add cmov according to Milagro / hash_to_curve spec
2020-02-16 22:18:22 +01:00
Mamy André-Ratsimbazafy
6694023f16
Revert "Use cmov name instead of mux to be in line with IETF spec on Hash to curve and Verifiable Random Functions"
This reverts commit 56177c0cfe.
cmov will be the high-level name (similar to Milagro and Hash_to_curve draft) and mux will be the low-level one
2020-02-16 22:13:54 +01:00
Mamy André-Ratsimbazafy
56177c0cfe
Use cmov name instead of mux to be in line with IETF spec on Hash to curve and Verifiable Random Functions
2020-02-16 21:34:21 +01:00
Mamy André-Ratsimbazafy
a1801e26a0
Now passing finite field test vs GMP
2020-02-16 19:08:19 +01:00
Mamy André-Ratsimbazafy
c3d458e31b
Fix bug in redc: use montgomery mul for now. Add NIST P256 curve
2020-02-16 18:59:10 +01:00
Mamy André-Ratsimbazafy
7740bfbae4
print montgomery magics at compile-time
2020-02-16 12:32:34 +01:00
Mamy André-Ratsimbazafy
f1430915fe
Add Mersenne 61 and 127 + debugging print
2020-02-16 12:03:01 +01:00
Mamy André-Ratsimbazafy
5620bbfaee
rename io tests to io bigints
2020-02-16 11:29:27 +01:00
Mamy André-Ratsimbazafy
23ecb9a221
Add a (failing) test vs GMP for modular multiplication on BN254 curve Field
2020-02-16 02:20:08 +01:00
Mamy André-Ratsimbazafy
10346d83a4
Benchmark: BigInt -> Montgomery conversion:
- shlAddMod (with assembly division) is already 4x slower than Montgomery Multiplication based.
- constant-time division will be even slower
- use montgomery-multiplication based conversion
2020-02-16 01:43:17 +01:00
Mamy André-Ratsimbazafy
bd1430157f
Add BLS12-381 curve:
- don't create "Mod" in curve parser: compile-time type incompatibility
- don't use "Mod" in const sections: compile-time type incompat --> create a macro to get montgomery magics instead of a const array
2020-02-16 00:44:01 +01:00
Mamy André-Ratsimbazafy
05a2c6a34b
Properly precompute the Montgomery constants at compile-time and store them in ROM
2020-02-15 20:43:38 +01:00