[curves] curve25519-donna stack usage
Thomas DuBuisson
thomas.dubuisson at gmail.com
Fri Dec 9 11:03:57 PST 2016
On Fri, Dec 9, 2016 at 10:52 AM, Mike Hamburg <mike at shiftleft.org> wrote:
> OK, I’ve released my tiny x25519 code as open source.
Do you think it would be worth proving equivalence of your code with
another implementation, such as -donna? If so, how similar are the
structures and fundamental operations?
-Thomas
> This is the
> platform-agnostic version. The ARM asm version isn’t there, it’s staying
> proprietary for now :-/. But you can get most of the effect by
> intrinsic’ing umaal and friends.
>
> https://sourceforge.net/p/strobe/code/ci/master/tree/x25519.c
> https://sourceforge.net/p/strobe/code/ci/master/tree/x25519.h
>
> Presumably this code could be accelerated somewhat by using a dedicated
> sqr() routine, or by unrolling loops and inlining code. Maybe I’ll get
> around to that at some point, but there’s a bunch more to be done with that
> repository to make it useful.
>
> These files also have a totally nonstandard signature implementation, the
> only real advantage of which is that it adds very little code.
>
> Let me know what you think, or if you find any bugs or missing features.
>
> Cheers,
> — Mike
>
> On Nov 9, 2016, at 4:13 PM, Jason A. Donenfeld <Jason at zx2c4.com> wrote:
>
> I just tried out the so called "tweet nacl implementation", because it
> has very tiny stack requirements. It was 26 times slower than donna.
> Wow!
>
>
>
> _______________________________________________
> Curves mailing list
> Curves at moderncrypto.org
> https://moderncrypto.org/mailman/listinfo/curves
>
More information about the Curves
mailing list