[curves] New curve25519/ed25519 library

Mehdi Sotoodeh mehdisotoodeh at gmail.com
Tue Jun 30 07:35:52 PDT 2015


I would like to introduce a remarkable implementation of an x25519 and
ed25519 library. The sources are hosted at: https://github.com/msotoodeh/curve25519

The code is experimental but rather stable. It is compact, portable and
uses simple design logic.
On the security front, it employs several measures for side-channel
security.

But the most remarkable feature is speed. This library sets new speed
records. It uses a new technique I call FOLDING to achieve this goal.
FOLDING chops the scalar multiplier into n pieces (or folds) and operates
on the folds simultaneously, reducing the number of point operations by a
factor of 4 or 8. For example, an ed25519 signature takes 31 point doublings
and 31 point additions.

Folding uses pre-calculated tables: 1.5 KB for 4-fold and 24 KB for 8-fold.
The total cost of pre- and post-calculation is comparable with windowed
implementations (when window size is equal to the number of folds).


I welcome your comments and appreciate your expert opinion on this library.

Regards,
Mehdi Sotoodeh.
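
The folding described in the message above, read here as a fixed-base comb over a 256-bit scalar (that reading is an assumption; this is an added Python sketch, not code from the msotoodeh/curve25519 library). The function names, the affine arithmetic and the fold widths are choices made for this example; with 8 folds of 32 bits it reproduces the 31 doublings and 31 additions the message quotes.

```python
# Added sketch, not the library's code: affine edwards25519 arithmetic on
# Python integers. Not constant-time; it only counts group operations.
P = 2**255 - 19
D = -121665 * pow(121666, -1, P) % P
BY = 4 * pow(5, -1, P) % P                    # base point y = 4/5
XX = (BY * BY - 1) * pow(D * BY * BY + 1, -1, P) % P
BX = pow(XX, (P + 3) // 8, P)                 # square root, P = 5 mod 8
if BX * BX % P != XX:
    BX = BX * pow(2, (P - 1) // 4, P) % P
B, IDENT = (BX if BX % 2 == 0 else P - BX, BY), (0, 1)
ops = {"dbl": 0, "add": 0}                    # group-operation counters

def add(p, q, kind="add"):
    """Complete twisted Edwards addition (a = -1); also used to double."""
    ops[kind] += 1
    (x1, y1), (x2, y2) = p, q
    t = D * x1 * x2 * y1 * y2 % P
    return ((x1 * y2 + x2 * y1) * pow(1 + t, -1, P) % P,
            (y1 * y2 + x1 * x2) * pow(1 - t, -1, P) % P)

def double_and_add(k, pt):
    """Baseline: one doubling per scalar bit."""
    q = IDENT
    for i in reversed(range(k.bit_length())):
        q = add(q, q, "dbl")
        if k >> i & 1:
            q = add(q, pt)
    return q

def build_table(pt, folds, width):
    """table[j] = sum of 2**(i*width) * pt over the set bits i of j."""
    powers = [double_and_add(1 << i * width, pt) for i in range(folds)]
    table = [IDENT]
    for j in range(1, 1 << folds):
        low = j & -j                          # lowest set bit of j
        table.append(add(table[j ^ low], powers[low.bit_length() - 1]))
    return table

def folded_mul(k, table, folds, width):
    """Handle bit c of every fold at once; needs k < 2**(folds*width)."""
    col = lambda c: sum((k >> (i * width + c) & 1) << i for i in range(folds))
    q = table[col(width - 1)]
    for c in reversed(range(width - 1)):
        q = add(add(q, q, "dbl"), table[col(c)])
    return q

def op_counts(fn, *args):                     # (result, doublings, additions)
    ops.update(dbl=0, add=0)
    return fn(*args), ops["dbl"], ops["add"]
```

The table lookup here is indexed directly by secret scalar bits, so a production version would need a constant-time table select in place of `table[col(c)]`.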