ed448goldilocks

Commit Graph

Author	SHA1	Message	Date
Michael Hamburg	facad6c2ac	unify decaf_crypto c versions, still need to unify with c++	9 years ago
Mike Hamburg	704b424982	dual scalarmul because of TLS discussion	9 years ago
Mike Hamburg	c6d7fdec35	some alignment and gcc-related fixes. Unfortunately, the python ffi still dies for alignment-related reasons :-(	9 years ago
Michael Hamburg	a1f5348e18	beginning to separate errors from bools. not there yet though	9 years ago
Michael Hamburg	196e9a85f8	cleanup word.h	9 years ago
Michael Hamburg	ab9060636f	remove unused gf_subx_RAW	9 years ago
Michael Hamburg	ce75aee929	move various arch things to word.h or their arch files	9 years ago
Michael Hamburg	23726f4f73	clear a todo from f_arithmetic.c	9 years ago
Michael Hamburg	5af980b85a	wipe out the multiple layers of rename between decaf_fast and field. still some serious HACKs in the include prio to avoid multiple definition of struct gf	9 years ago
Michael Hamburg	b6c12d7e38	doh	9 years ago
Mike Hamburg	8a1315e15f	get rid of unchecked isqrt. will be a tiny slowdown for p448 invert, called only in batch_invert	9 years ago
Mike Hamburg	93edb223bb	remove inverse from f_field.h	9 years ago
Mike Hamburg	0b59ddc2bf	move config to prime directories	9 years ago
Michael Hamburg	8202c43eba	remove ah = a*19	9 years ago
Michael Hamburg	03ecad0551	it compiles, but it certainly doesnt work yet	9 years ago
Michael Hamburg	b5f7c2eff8	tidy up	9 years ago
Michael Hamburg	f18cf359c6	remove files used by goldilocks/master, leaving only decaf	9 years ago
Mike Hamburg	d675971fee	demagication header and general cleanup	10 years ago
Mike Hamburg	edb25d093c	perf improvement in keygen, sign; fix perf regression for decaf versions of these	10 years ago
Mike Hamburg	7681070015	more factoring and bug fixes. Need to put direct_scalarmul in pathological test cases and then simplify it	10 years ago
Mike Hamburg	c7daa6d74b	going to change this branch to be decaf-only, with the main branch being main-goldilocks-only. but first, remove irrelelevant sqrt(-d)	10 years ago
Michael Hamburg	294efc87f3	fuse crandom seed+buffer because they are accessed as a single object. probably needs a bit more testing though	10 years ago
Michael Hamburg	3988b1ad7f	decaf first cut	10 years ago
Mike Hamburg	e251453d15	simple extended form is in. Probably simplify it more...	10 years ago
Mike Hamburg	812163ff60	decaf uses high bit instead of low bit	10 years ago
Michael Hamburg	12a5d0890c	decaf seems to work for monty; needs more testing, negative testing. Now should match sage script exactly.	10 years ago
Michael Hamburg	4f27b22a1d	decaf ladder is "correct", but not yet serializing to decaf	10 years ago
Michael Hamburg	93e866bb8c	gmp-style foo_t[1] for points too Conflicts: src/include/ec_point.h	10 years ago
Michael Hamburg	64ccdaf977	field_t * -> field_a_t	10 years ago
Michael Hamburg	d383dfe91e	going to GMP-style element[1] types Conflicts: src/include/ec_point.h src/p448/magic.c src/p480/magic.c src/p521/magic.c test/bench.c	10 years ago
Michael Hamburg	b0a2110717	remove probably-unnecessary optimizations (still needs benching to make sure) Conflicts: src/include/field.h	10 years ago
Michael Hamburg	825dd2128b	sync with master	10 years ago
Michael Hamburg	8abc24f4c6	montgomery aux step is defined; probably doesnt work	10 years ago
Michael Hamburg	ebb6b4db6d	both edwards and twisted edwards are in, and agree with one another. point comparison is in.	10 years ago
Michael Hamburg	8e3ed52dd3	sqrt(-d)	10 years ago
Michael Hamburg	a9e16440a2	decaf in and working for untwisted curve	10 years ago
Michael Hamburg	de113cbdb0	working on experimental, cofactor-removing compression code	10 years ago
Mike Hamburg	1d07343067	p521 testing, 803kcy ecdh	10 years ago
Mike Hamburg	6546660199	E-521-related changes. Not quite ready yet... This is largely a save-your-work checkin. Created p521/arch_ref64 code to make sure E-521 basically works. Fixed some of the testing code around E-521. It doesn't quite pass everything yet. Created p521/arch_x86_64 code with optimized multiply. In this checkin, the multiply is fast and works, but all the other code in that directory is the completely unoptimized ref64 build which reduces after every add and sub. So the whole thing isn't fast yet.	10 years ago
Mike Hamburg	0dc1b0de84	magic for p521. except not entirely, because there will probably be an impl with permuted limbs	10 years ago
Mike Hamburg	1f480b0f95	Big changes for curve flexibility. For details see HISTORY.txt. Very experimental Ed480-Ridinghood support is now in. It's not fully optimized, but in general the current build is 8-15% slower than Goldilocks. It only works on arch_x86_64, though arch_ref64 support ought to be easy. Support on other arches will be trickier, which is of course why I chose Goldilocks over Ridinghood in the first place. Next up, E-521. Hopefully. The code is starting to get spread out over a lot of files. Some are per field*arch, some per field, some per curve, some global. It's hard to do much about this, though, with a rather ugly .c.inc system. There's currently no way to make a Ridinghood eBAT. In fact, I haven't tested eBAT support in this commit. I also haven't tested NEON, but at least ARCH_32 works on Intel.	10 years ago
Michael Hamburg	b69f11509f	make sure _XOPEN_SOURCE gets defined before posix_memalign is used	10 years ago
Mike Hamburg	edc6afe496	no perf regression on haswell. Also, factored out field_cond_neg; restored p448_ prefixes in case of multiple fields in the same lib	10 years ago
Michael Hamburg	c6d69dec2e	WARNING: This commit is largely untested. Continuing demagication and factoring of field code. Removing high-level ops from p448.h and putting them in field.h. That way they won't need rewriting for new fields and architectures. Create constant_time.h which contains constant-time lookups, condswaps, etc. That way the code is the same on all architectures, instead of varying depending on whether the field size is a multiple of the vector register size. I should still add a constant_time_select to factor out field_cond_negate. TODO: I need to test this for correctness and performance on various platforms. It works on my Mac, but since Yosemite the timing is totally unpredictable (background tasks? variable boost?).	10 years ago
Michael Hamburg	b4ce20d667	merge in notes on elligator; move some point ops to ec_point	10 years ago
Mike Hamburg	165510d57c	Working on demagication, so as to support other curves for the CFRG benchmarks in a month or so. Create new src/arithmetic.c for field-independent arithmetic (eg batch invert, is_square). Replace p448_ with field_ where possible. Create constant EDWARDS_D = -39081. Create inline function field_mulw_scc for multiplying by compile-time signed curve constants.	10 years ago
Mike Hamburg	cc3c637732	Changes to the eBAT build system, to bring the code and package closer to how DJB expects them.	10 years ago
Michael Hamburg	4433591cfc	Forget yesterday's hack; just add an arch_config.h to each arch which says how many bits it is. Add batarch.map for eBATS architecture renaming.	10 years ago
Mike Hamburg	47b06f3ee3	Spell __clang_minor__ correctly. Also, this and the prev patch should fix SUPERCOP problems	10 years ago
Mike Hamburg	e692da09d3	Don't look at __SIZEOF_INT128__ on clang-3.2 or earlier, because they don't define it.	10 years ago

1 2

75 Commits (55766b76c97e2fc46e1a6cbb861223a814d7d2b7)