Possible optimization.

relic-toolkit · Sep 12, 2024 · 285e474 · 285e474
1 parent bb8c752
commit 285e474
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 9 deletions.
diff --git a/src/epx/relic_ep4_mul.c b/src/epx/relic_ep4_mul.c
@@ -83,7 +83,7 @@ static void ep4_psi(ep4_t r, const ep4_t p) {
 #if EP_MUL == LWNAF || !defined(STRIP)
 
 static void ep4_mul_gls_imp(ep4_t r, const ep4_t p, const bn_t k) {
-	size_t l, _l[8];
+	size_t l, _l[8], w = RLC_WIDTH;
 	bn_t n, _k[8], u;
 	int8_t naf[8][RLC_FP_BITS + 1];
 	ep4_t q, t[8][1 << (RLC_WIDTH - 2)];
@@ -110,17 +110,25 @@ static void ep4_mul_gls_imp(ep4_t r, const ep4_t p, const bn_t k) {
 		bn_mod(_k[0], k, n);
 		bn_rec_frb(_k, 8, _k[0], u, n, ep_curve_is_pairf() == EP_BN);
 
+		l = 0;
+		for (size_t i = 0; i < 8; i++) {
+			l = RLC_MAX(l, bn_bits(_k[i]));
+		}
+		if (l < bn_bits(u) / 2) {
+			w = 2;
+		}
+
 		l = 0;
 		for (size_t i = 0; i < 8; i++) {
 			_l[i] = RLC_FP_BITS + 1;
-			bn_rec_naf(naf[i], &_l[i], _k[i], RLC_WIDTH);
+			bn_rec_naf(naf[i], &_l[i], _k[i], w);
 			l = RLC_MAX(l, _l[i]);
 		}
 		ep4_norm(q, p);
 		if (bn_sign(_k[0]) == RLC_NEG) {
 			ep4_neg(q, q);
 		}
-		ep4_tab(t[0], q, RLC_WIDTH);
+		ep4_tab(t[0], q, w);
 
 		if (ep_curve_is_pairf() == EP_K16 || ep_curve_is_pairf() == EP_N16) {
 			/* Minimize use of endomorphism when it's expensive. */
@@ -129,11 +137,11 @@ static void ep4_mul_gls_imp(ep4_t r, const ep4_t p, const bn_t k) {
 				if (bn_sign(_k[i]) == RLC_NEG) {
 					ep4_neg(q, q);
 				}
-				ep4_tab(t[i], q, RLC_WIDTH);
+				ep4_tab(t[i], q, w);
 			}
 		} else {
 			for (size_t i = 1; i < 8; i++) {
-				for (size_t j = 0; j < (1 << (RLC_WIDTH - 2)); j++) {
+				for (size_t j = 0; j < (1 << (w - 2)); j++) {
 					ep4_psi(t[i][j], t[i - 1][j]);
 					if (bn_sign(_k[i]) != bn_sign(_k[i - 1])) {
 						ep4_neg(t[i][j], t[i][j]);

diff --git a/src/epx/relic_ep8_mul.c b/src/epx/relic_ep8_mul.c
@@ -41,7 +41,7 @@
 #if EP_MUL == LWNAF || !defined(STRIP)
 
 static void ep8_mul_gls_imp(ep8_t r, const ep8_t p, const bn_t k) {
-	size_t l, _l[16];
+	size_t l, _l[16], w = RLC_WIDTH;
 	bn_t n, _k[16], u;
 	int8_t naf[16][RLC_FP_BITS + 1];
 	ep8_t q, t[16][1 << (RLC_WIDTH - 2)];
@@ -68,19 +68,27 @@ static void ep8_mul_gls_imp(ep8_t r, const ep8_t p, const bn_t k) {
 		bn_mod(_k[0], k, n);
 		bn_rec_frb(_k, 16, _k[0], u, n, ep_curve_is_pairf() == EP_BN);
 
+		l = 0;
+		for (size_t i = 0; i < 8; i++) {
+			l = RLC_MAX(l, bn_bits(_k[i]));
+		}
+		if (l < bn_bits(u) / 2) {
+			w = 2;
+		}
+
 		l = 0;
 		for (size_t i = 0; i < 16; i++) {
 			_l[i] = RLC_FP_BITS + 1;
-			bn_rec_naf(naf[i], &_l[i], _k[i], RLC_WIDTH);
+			bn_rec_naf(naf[i], &_l[i], _k[i], w);
 			l = RLC_MAX(l, _l[i]);
 			if (i == 0) {
 				ep8_norm(q, p);
 				if (bn_sign(_k[0]) == RLC_NEG) {
 					ep8_neg(q, q);
 				}
-				ep8_tab(t[0], q, RLC_WIDTH);
+				ep8_tab(t[0], q, w);
 			} else {
-				for (size_t j = 0; j < (1 << (RLC_WIDTH - 2)); j++) {
+				for (size_t j = 0; j < (1 << (w - 2)); j++) {
 					ep8_frb(t[i][j], t[i - 1][j], 1);
 					if (bn_sign(_k[i]) != bn_sign(_k[i - 1])) {
 						ep8_neg(t[i][j], t[i][j]);