Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use WNAF-based multiplication for ECDSA verification #1764

Closed
wants to merge 9 commits into from
Closed

Use WNAF-based multiplication for ECDSA verification #1764

wants to merge 9 commits into from

Conversation

briansmith
Copy link
Owner

Implement a generic ECDSA WNAF-based twin-multiplication function.

@codecov
Copy link

codecov bot commented Oct 19, 2023
edited
Loading

Codecov Report

Merging #1764 (b901286) into main (27aa538) will increase coverage by 0.03%.
Report is 2 commits behind head on main.
The diff coverage is 98.68%.

@@            Coverage Diff             @@
##             main    #1764      +/-   ##
==========================================
+ Coverage   96.00%   96.04%   +0.03%     
==========================================
  Files         138      141       +3     
  Lines       20746    21154     +408     
  Branches      226      231       +5     
==========================================
+ Hits        19918    20318     +400     
- Misses        790      798       +8     
  Partials       38       38
Files Coverage Δ
crypto/limbs/limbs.c 95.48% <100.00%> (+0.10%) ⬆️
src/arithmetic/bigint.rs 99.29% <100.00%> (-0.02%) ⬇️
src/bits.rs 100.00% <100.00%> (ø)
src/ec/suite_b/ops/elem.rs 88.40% <ø> (ø)
src/ec/suite_b/ops/p256.rs 100.00% <100.00%> (ø)
src/ec/suite_b/ops/p384.rs 100.00% <100.00%> (ø)
src/ec/suite_b/ops/vartime.rs 100.00% <100.00%> (ø)
src/ec/suite_b/ops.rs 98.03% <97.95%> (-0.06%) ⬇️
src/ec/suite_b/ops/fallback.rs 99.43% <99.43%> (ø)
src/limb.rs 98.70% <94.11%> (-0.27%) ⬇️
... and 1 more

... and 1 file with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@briansmith
Copy link
Owner Author

@vkrasnov I think this might become a better basis for the P-521 ECDSA verification. My plan is to replace all the "nistz" C code for P-384 (and P-521) with this generalized Rust code.

  • This uses simpler addition formulas (the same as BoringSSL non-nistz256 code) that don't require so many specialized arithmetic routines. This should make it very easy to adapt to P-521.
  • This doesn't implement templates or #include-based templating. The same object code is used for all curves (except P-256 when using nistz).
  • I am hoping this might already be faster for P-384 than what we've been doing. We need to make benchmarks to see.

WDYT?

@vkrasnov
Copy link
Contributor

Yeah I wanted to do something like this myself, but wanted to avoid a big change. I am on vacation but will take a look next week.

@briansmith briansmith mentioned this pull request Oct 19, 2023
Draft
@briansmith
Copy link
Owner Author

Closing this in favor of #1768, which strips out the fallback point addition and doubling functions.

@briansmith briansmith closed this Oct 24, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@briansmith @vkrasnov