Mike Hamburg | d36b1b0d1b | begin porting faster scalarmul algos (currently broken tho) | 9 years ago
Mike Hamburg | 284bc0bd17 | yep, selection-based is slightly faster. using constant_time.h for now... | 9 years ago
Michael Hamburg | d7fef55d55 | test alternative selection-based ladder | 9 years ago
Mike Hamburg | 62d7f131d3 | some more simplification... | 9 years ago
Mike Hamburg | 2422a265a5 | getting simpler | 9 years ago
Mike Hamburg | a5834af9fc | test is in and passing; slightly simplified so far but nothing major | 9 years ago
Mike Hamburg | 7681070015 | more factoring and bug fixes. Need to put direct_scalarmul in pathological test cases and then simplify it | 9 years ago
Mike Hamburg | edd2883e59 | condswap is the main remaining bottleneck on monty ladder. comment in a pragma but don't actually use it yet... | 9 years ago
Michael Hamburg | 43241c6a66 | OK decaf mont ladder works but should simplify | 9 years ago
Michael Hamburg | 543df14916 | decaf direct scalarmul montgomery version coded but WRONG | 10 years ago
Michael Hamburg | e84fd3f1fd | define experimental direct_scalarmul, which can be implemented as monty ladder (at least for comparison purposes at the beginning) | 10 years ago
Michael Hamburg | aab80b7b51 | faster code can now use non-reduced field ops | 10 years ago
Michael Hamburg | e154bb7667 | faster code can now use non-reduced field ops | 10 years ago
Michael Hamburg | a36a82d7e1 | faster code can now use non-reduced field ops | 10 years ago
Michael Hamburg | 90cb3b238a | dedicated double | 10 years ago
Michael Hamburg | ae24f96e09 | copying existing decaf impl to "fast" version. not that fast yet, but uses native field mul code. Also rework precomputed tables to be agnostic of underlying impl | 10 years ago
Mike Hamburg | c7daa6d74b | going to change this branch to be decaf-only, with the main branch being main-goldilocks-only. but first, remove irrelevant sqrt(-d) | 10 years ago
Mike Hamburg | ccfeb083a7 | adjust history.txt. Also, that last fix on RDRAND is thanks to John Mark Gurney. | 10 years ago
Mike Hamburg | 39ca07a060 | fix rax input for rdrand detection | 10 years ago
Mike Hamburg | 6c9230e398 | SHAKE-based rng | 10 years ago
Michael Hamburg | cdc4ab2bc5 | doh I had identity swapped with base; sigs work now but they need a comprehensive test | 10 years ago
Michael Hamburg | a3f7056262 | Remove impossible todo; sigs still don't work | 10 years ago
Michael Hamburg | 4eb8567730 | decaf signatures, but they don't work yet | 10 years ago
Michael Hamburg | 608eb2e065 | Begin work on decaf_crypto. Have an ECDH analog now. Add decaf_bzero. Remove a bunch of testing from bench.c. | 10 years ago
Mike Hamburg | b274e35d9a | Add "precomputed" API to decaf. It doesn't actually precompute in the mini decaf impl, but it passes tests. | 10 years ago
Michael Hamburg | d280028cee | define _BSD_SOURCE for endian | 10 years ago
Michael Hamburg | 4c508f3670 | minor doc fix | 10 years ago
Michael Hamburg | ade8246a3d | bench shake; API_VIS on shake | 10 years ago
Michael Hamburg | f4c76b7487 | SHAKE and SHA3 instances (experimental) based on code from David Leon Gil. Tested by hand but needs automatic KAT. I might also want to include Keyak or some similar duplex construction eventually. | 10 years ago
Mike Hamburg | 994812cf14 | differentiate curve | 10 years ago
Mike Hamburg | c50e8e8bf1 | decaf is now 32-bit clean | 10 years ago
Michael Hamburg | 26cff2228d | fix decaf decode identity | 10 years ago
Michael Hamburg | dfdb35510d | check me: remove special case on decode | 10 years ago
Michael Hamburg | f3c6a5a6a5 | s/multilpy/multiply/g; thanks Robert Ransom | 10 years ago
Michael Hamburg | 294efc87f3 | fuse crandom seed+buffer because they are accessed as a single object. probably needs a bit more testing though | 10 years ago
Michael Hamburg | 201a8a277a | moving toward field/arch independence | 10 years ago
Michael Hamburg | acf4443c48 | DECAF_SER_BYTES -> DECAF_SCALAR_BYTES in scalar codec | 10 years ago
Michael Hamburg | c08c4f4879 | scalar_copy | 10 years ago
Mike Hamburg | 5622eb9741 | don't unroll when optimizing for size unless -DDECAF_FORCE_UNROLL | 10 years ago
Mike Hamburg | bcf7c88da8 | fix another couple undeclared / misnamed function bugs | 10 years ago
Michael Hamburg | a924ff4509 | comments | 10 years ago
Michael Hamburg | 06be9ef253 | decaf double and double-scalarmul, but needs to be tested | 10 years ago
Michael Hamburg | d4f4d0ed60 | ready for prime time? | 10 years ago
Michael Hamburg | 83c59a645a | decaf scalars work | 10 years ago
Mike Hamburg | 8e10a91976 | remove GCC error | 10 years ago
Michael Hamburg | 8967a9dff2 | some scalar code which is probably wrong | 10 years ago
Michael Hamburg | 0dc21dd9d7 | negation properties for elligator | 10 years ago
Michael Hamburg | d2ab89bdc5 | better docs on Elligator | 10 years ago
Michael Hamburg | 6ae70daba4 | better docs on Elligator | 10 years ago
Michael Hamburg | 27129a17e6 | remove extra comments on decaf elligator | 10 years ago