Safegcd inverses, drop Jacobi symbols, remove libgmp #831
Commits on Mar 8, 2021
- Add secp256k1_ctz{32,64}_var functions
  These functions count the number of trailing zeroes in non-zero integers.
  Commit de0a643
- Add safegcd based modular inverse modules
  Refactored by: Pieter Wuille <pieter@wuille.net>
  Commit 8e415ac
- Add extensive comments on the safegcd algorithm and implementation
  This adds a long comment explaining the algorithm and implementation choices by building it up step by step in Python. Comments in the code are also reworked/added, with references to the long explanation.
  Commit d8a92fc
- This adds tests for the modinv{32,64}_impl.h directly (before the functions are used inside the field/scalar code). It uses a naive implementation of modular multiplication and gcds in order to verify the modular inverses themselves.
  Commit 151aac0
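As an added illustration (not code from the secp256k1 repository or from this PR), a plain-Python model of the divstep-based safegcd inverse the commits above describe, with the d = f/x and e = g/x invariants checked naively the way the tests commit describes; P and N are the public secp256k1 field prime and group order, and the names are this example's own.

```python
# Added example (not code from the secp256k1 repository): a plain-Python
# model of the safegcd / divstep modular inverse described in the commit
# messages above, with the invariants the naive test checks.

def div2(m, x):
    """Return x/2 mod m for odd m. Odd x is made even by adding m first."""
    assert m & 1
    if x & 1:
        x += m
    return x // 2


def modinv_safegcd(m, x):
    """Inverse of x modulo an odd m using divsteps. Returns (inverse, steps).

    Invariants kept throughout: d == f/x (mod m) and e == g/x (mod m).
    """
    assert m & 1 and x % m != 0
    delta, f, g, d, e = 1, m, x % m, 0, 1
    steps = 0
    while g != 0:
        if delta > 0 and g & 1:
            # Swap and subtract: (f, g) <- (g, (g - f)/2); (d, e) follow.
            delta, f, g, d, e = 1 - delta, g, (g - f) // 2, e, div2(m, e - d)
        elif g & 1:
            # Both odd, no swap: (g + f)/2 is exact.
            delta, f, g, d, e = 1 + delta, f, (g + f) // 2, d, div2(m, e + d)
        else:
            # g is even: halve it; e must be halved modulo m via div2.
            delta, f, g, d, e = 1 + delta, f, g // 2, d, div2(m, e)
        steps += 1
        # Naive check of the invariants, as the tests commit does for modinv.
        assert f % m == (d * x) % m
        assert g % m == (e * x) % m
    # When g reaches 0, |f| is gcd(m, x); an inverse exists only if it is 1.
    if f not in (1, -1):
        raise ValueError("x has no inverse modulo m")
    # d == f/x (mod m)  =>  1/x == d/f == d*f (mod m), since f is +-1.
    return (d * f) % m, steps


# secp256k1 field prime and group order (public curve constants).
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def check_against_fermat(m, x):
    """Compare the divstep inverse with x^(m-2) mod m (valid for prime m)."""
    inv, steps = modinv_safegcd(m, x)
    assert inv * x % m == 1
    assert inv == pow(x, m - 2, m)
    return steps
```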
Commits on Mar 11, 2021
- Improve bounds checks in modinv modules
  This commit adds functions to verify and compare numbers in signed{30,62} notation, and uses that to do more extensive bounds checking on various variables in the modinv code.
  Commit 08d5496
- Move secp256k1_scalar_{inverse{_var},is_even} to per-impl files
  This temporarily duplicates the inversion code across the 4x64 and 8x32 implementations. Those implementations will be replaced in a later commit.
  Commit aa404d5
- Move secp256k1_fe_inverse{_var} to per-impl files
  This temporarily duplicates the inversion code across the 5x52 and 10x26 implementations. Those implementations will be replaced in the next commit.
  Commit 436281a
Commits on Mar 12, 2021
- Commit 1e0e885
- Improve field/scalar inverse tests
  Add a new run_inverse_tests that replaces all existing field/scalar inverse tests, and tests a few identities for fixed inputs, small numbers (-999...999), random inputs (structured and unstructured), as well as comparing with the output of secp256k1_fe_inv_all_var.
  Commit aa9cc52
- Commit 5437e7b
- Remove unused Jacobi symbol support
  No exposed functions rely on Jacobi symbol computation anymore. Remove it; it can always be brought back later if needed.
  Commit 20448b8
Commits on Mar 15, 2021
- The whole "num" API and its libgmp-based implementation are now unused. Remove them.
  Commit 1f233b3
- Optimization: special-case zero modulus limbs in modinv64
  Both the field and scalar modulus can be written in signed{30,62} notation with one or more zero limbs. Make use of this in the update_de function to avoid a few wide multiplications when that is the case. This doesn't appear to be a win in the 32-bit implementation, so only do it for the 64-bit one.
  Commit 9164a1b
- Optimization: use formulas instead of lookup tables for cancelling g bits
  This only seems to be a win on 64-bit platforms, so only do it there.
  Refactored by: Pieter Wuille <pieter@wuille.net>
  Commit b306935
- Optimization: track f,g limb count and pass to new variable-time update_fg_var
  The magnitude of the f and g variables generally goes down as the algorithm progresses. Make use of this by keeping track of how many limbs are used, and when the number becomes small enough, make use of this to reduce the complexity of arithmetic on them.
  Refactored by: Pieter Wuille <pieter@wuille.net>
  Commit ebc1af7
- Commit 24ad04f