05009f9407
Fix mux comment and link
2020-02-23 02:23:19 +01:00
dc46e86490
Create a specialized montgomery modular square function
2020-02-23 01:43:42 +01:00
c807707ee4
Add research on pairing curve implementations
2020-02-23 01:17:39 +01:00
68727e5c8d
Add modular inversion + test vs GMP
2020-02-22 19:50:24 +01:00
8cbbd40a0c
Add benchmark of constant-time vs unsafe powmod
2020-02-22 18:39:29 +01:00
acfc99c4f0
Add an unsafe modular exponentiation that may leak exponent bits to timing attacks/oscilloscopes/memory cache attacks
2020-02-22 18:18:17 +01:00
e0f4e49cb5
Test modular exponentiation with BN254 and BLS12-381 moduli
2020-02-22 16:56:04 +01:00
24f2e1088e
Fix modular exp tests
2020-02-22 16:39:57 +01:00
4b65d0d723
Skeleton of modular exponentiation
2020-02-22 16:37:31 +01:00
236047767f
move mask to common
2020-02-18 13:01:14 +01:00
ef5dd8345b
Allow compile-time bigint serialization + terminology: serialize -> export
2020-02-18 12:36:42 +01:00
9395febada
add octet string encode/decode (bigEndian raw int)
2020-02-18 11:54:36 +01:00
d7d20c50b6
Add primitive for window-based modular exponentiation
2020-02-17 00:13:42 +01:00
285b6aad1a
Add cmov according to Milagro / hash_to_curve spec
2020-02-16 22:18:22 +01:00
6694023f16
Revert "Use cmov name instead of mux to be in line with IETF spec on Hash to curve and Verifiable Random Functions"
...
This reverts commit 56177c0cfe
2020-02-16 22:13:54 +01:00
56177c0cfe
Use cmov name instead of mux to be in line with IETF spec on Hash to curve and Verifiable Random Functions
2020-02-16 21:34:21 +01:00
a1801e26a0
Now passing finite field test vs GMP
2020-02-16 19:08:19 +01:00
c3d458e31b
Fix bug in redc: use montgomery mul for now. Add NIST P256 curve
2020-02-16 18:59:10 +01:00
7740bfbae4
print montgomery magics at compile-time
2020-02-16 12:32:34 +01:00
f1430915fe
Add Mersenn 61 and 127 + debugging print
2020-02-16 12:03:01 +01:00
5620bbfaee
rename io tests ti io bigints
2020-02-16 11:29:27 +01:00
23ecb9a221
Add a (failing) test vs GMP for modular multiplication on BN254 curve Field
2020-02-16 02:20:08 +01:00
10346d83a4
Benchmark: BigInt -> Montgomery conversion:
...
- shlAddMod (with assembly division) is already 4x slower than Montgomery Multiplication based.
- constant-time division will be even slower
- use montgomery-multiplication based conversion
2020-02-16 01:43:17 +01:00
bd1430157f
Add BLS12-381 curve:
...
- don't create "Mod" in curve parser: compile-time type incompatibility
- don't use "Mod" in const sections: compile-time type incompat --> create a macro to get montgomery magics instead of a const array
2020-02-16 00:44:01 +01:00
05a2c6a34b
Properly precompute the montomery cosntants at compile-time and store them in ROM
2020-02-15 20:43:38 +01:00
4970572393
Introduce alternate conversion to Montgomery Residue based on Montgomery Multiplication
2020-02-15 19:22:40 +01:00
e2333dce3c
Terminology nres -> mres, montgomeryResidue, montyResidue
2020-02-15 16:11:17 +01:00
d3ad4acb3a
Do less in curve generator macro:
...
- no more monty magic "negInvModWord"
- no public "matchingBigInt"
Improve comment on Montgomery procedures
2020-02-15 13:56:13 +01:00
398b871c4f
Reorg the repo to introduce prepare for introducing the R² (mod p) magic constant
2020-02-15 13:13:01 +01:00
eb94c3d1bc
Add Montgomery Modular Multiplication
2020-02-15 02:59:08 +01:00
301cf20195
Use Montgomery representation by default for Finite Field
...
- Fix montyMagic, modular inversion mode 2^2k was missing an iteration
- Fix test for buffer size in BigInt serialization
- Add UINT/Hex serialization for finite fields
- Montgomery conversion and redc
2020-02-15 00:26:40 +01:00
f418e08746
For finite fields, we will use the Montgomery n-residue form by default
2020-02-14 13:36:34 +01:00
f6b229b19c
Modular addition and substraction tests
2020-02-13 00:11:45 +01:00
4cac44358f
Update security level of BN254 to ~100bits
2020-02-13 00:11:04 +01:00
3eb22f8fc7
Fix curve parser, implement smoke test for finite field
2020-02-12 23:57:51 +01:00
6226d86726
Update IO: dumpHex -> toHex dumpRawUint -> serializeRawUint
2020-02-12 21:57:39 +01:00
343399ba1c
Remove TODO comment about bound checking, UncheckedArray in the raw API are not bound checked
2020-02-12 00:33:12 +01:00
89fce3b1c4
Wrap tests in main. Fixes C codegen bug due to templates invocation on global variable in test_primitives
2020-02-12 00:25:48 +01:00
fe59efb8d8
reorganize the repo
2020-02-12 00:20:31 +01:00
28c9c472b3
Fix generated code duplication due to templates
2020-02-11 14:28:21 +01:00
2a438653a8
Don't emit useless inline C functions
2020-02-11 12:42:24 +01:00
24b0477ad7
Typo when testing for "negative" bigint, now passing testing vs GMP
2020-02-10 23:56:57 +01:00
b53f203e30
Fix raw uint serialization and start testing against GMP for 2000+bits bigints
2020-02-10 23:09:32 +01:00
8d160189d1
Fix extended prec multiplication carry. Passing modulo tests against medium BigInt (192~256 bits)
2020-02-10 22:19:47 +01:00
73b71a184c
Fix off-by-one copy, pass small bigints modulo tests
2020-02-10 19:57:35 +01:00
b689223cf5
Refactoring, optimize code-size: use type-erased views to avoid monomorphization of compute kernels
2020-02-10 18:16:34 +01:00
ade919b003
Fix carry and modulus offset in bigint
2020-02-10 02:58:37 +01:00
3033ae30f8
Fix uint32 extended precision multiplication
2020-02-10 02:12:44 +01:00
30f8756dfc
Temp switch to uint32 words for testing modulo. Remove tests that depend on word size
2020-02-10 00:16:46 +01:00
166a1075b1
add bigint display in GMP test
2020-02-09 23:26:39 +01:00
Mamy André-Ratsimbazafy