c312210878
* naive removal of out-of-place mul by non residue
* Use {.inline.} in a consistent manner across the codebase
* Handle aliasing for quadratic multiplication
* reorg optimization
* Handle aliasing for quadratic squaring
* handle aliasing in mul_sparse_complex_by_0y
* Rework multiplication by nonresidue, assume tower and twist use same non-residue
* continue rework
* continue on non-residues
* Remove "NonResidue *" calls
* handle aliasing in Chung-Hasan SQR2
* Handle aliasing in Chung-Hasan SQR3
* Use one less temporary in Chung Hasan sqr2
* handle aliasing in cubic extensions
* merge extension tower in the same file to reduce duplicate proc and allow better inlining
* handle aliasing in cubic inversion
* drop out-of-place proc from BigInt and finite fields as well
* less copies in line_projective
* remove a copy in fp12 by lines
Files in this directory:
- README.md
- common.nim
- curves.nim
- curves_declaration.nim
- curves_derived.nim
- curves_parser.nim
- curves_prop_core.nim
- curves_prop_derived.nim
- precompute.nim
- type_bigint.nim
- type_ff.nim
README.md
Common configuration
- Low-level logical and physical word definitions
- Elliptic curve declarations
- Cipher suites
Algorithms
Modular inverses mod 2ⁿ
We use "Dumas iterations" to precompute the Montgomery magic number -1/n[0] (mod 2^WordBitWidth).
Explanation of the "Dumas iterations", which are based on Newton-Raphson (see p11):
- Cetin Kaya Koc (2017), https://eprint.iacr.org/2017/411
- Jean-Guillaume Dumas (2012), https://arxiv.org/pdf/1209.6626v2.pdf
- Colin Plumb (1994), http://groups.google.com/groups?selm=1994Apr6.093116.27805%40mnemosyne.cs.du.edu
Other sources:
- https://crypto.stackexchange.com/questions/47493/how-to-determine-the-multiplicative-inverse-modulo-64-or-other-power-of-two
- https://mumble.net/~campbell/2015/01/21/inverse-mod-power-of-two
- http://marc-b-reynolds.github.io/math/2017/09/18/ModInverse.html
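The Newton-Raphson ("Dumas") iteration described above, worked through as an added example that is not Constantine's own Nim code: it inverts an odd word modulo 2^W with a data-independent number of steps and derives the Montgomery constant -1/n[0] mod 2^W from it. The word width and the sample limb values are assumptions of the example.

```python
# Added example: Newton-Raphson inverse modulo a power of two ("Dumas iterations")
# and the Montgomery magic number -1/n[0] mod 2^W derived from it.
# WORD_BITS and the sample limbs below are constructed for the example.

WORD_BITS = 64
MASK = (1 << WORD_BITS) - 1


def inv_mod_pow2(a: int, bits: int = WORD_BITS) -> int:
    """Return a^-1 mod 2^bits for odd a.

    Seed: 3a xor 2 is already the inverse of a modulo 2^5 (5 correct bits).
    Step: x <- x * (2 - a*x) doubles the number of correct low bits, because
    a*x' = 1 - (1 - a*x)^2, so a*x == 1 mod 2^k implies a*x' == 1 mod 2^(2k).
    The loop count depends only on `bits`, never on the value of `a`, which is
    what makes the precomputation suitable for constant-time code.
    """
    if a & 1 == 0:
        raise ValueError("only odd values are invertible modulo a power of two")
    mask = (1 << bits) - 1
    a &= mask
    x = ((3 * a) ^ 2) & mask
    correct_bits = 5
    while correct_bits < bits:
        # Python's & on a negative int behaves as two's complement, so the
        # reduction modulo 2^bits is correct even when 2 - a*x is negative.
        x = (x * (2 - a * x)) & mask
        correct_bits *= 2
    return x


def montgomery_neg_inv(n0: int, bits: int = WORD_BITS) -> int:
    """Montgomery magic number m = -n0^-1 mod 2^bits, i.e. n0*m == -1 (mod 2^bits)."""
    return (-inv_mod_pow2(n0, bits)) & ((1 << bits) - 1)


def is_valid_magic(n0: int, m: int, bits: int = WORD_BITS) -> bool:
    """Check the defining property of the magic number: n0*m + 1 == 0 mod 2^bits."""
    return (n0 * m + 1) & ((1 << bits) - 1) == 0


if __name__ == "__main__":
    # Constructed odd limb, standing in for the least significant limb n[0] of a modulus.
    n0 = 0xB9FEFFFFFFFFAAAB
    m = montgomery_neg_inv(n0)
    print(f"n0 = {n0:#x}, -1/n0 mod 2^64 = {m:#x}, valid = {is_valid_magic(n0, m)}")
```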