Commit 6ca8e6a8 authored by davxy's avatar davxy

ECP multiplication using windowed algorithm

parent bef830ee
......@@ -26,6 +26,8 @@ Given a version number MAJOR.MINOR.PATCH
- ECP core arithmetic (add,dbl,mul)
- Load NIST-P256 EC parameters
- DSA end ECDSA digital signature
- ECP multiplication with windowed algorithm
[0.0.5] - 2016-10-02
--------------------
......
......@@ -42,6 +42,12 @@ Public key algorithms
- Diffie-Hellman
### Digital signature
- RSA (PKCS#1 v1.5)
- DSA
- ECDSA
Elliptic Curve
--------------
......
......@@ -26,7 +26,7 @@ CRY_DEBUG=y
# Use one octet digit in place of sizeof(unsigned long) octets.
# Warning: NO ADVANTAGES, just for testing purposes
CRY_MPI_SMALL_DIGIT=y
#CRY_MPI_SMALL_DIGIT=y
# Options: aes|weak|posix|win
CRY_PRNG=aes
......@@ -44,3 +44,6 @@ CRY_MPI_MUL_COMBA=y
# Karatsuba multiplier enabled, see the mpi_mul.c to set the CUTOFF
CRY_MPI_MUL_KARATSUBA=y
# Elliptic curve point multiplication with windowed algorithm (faster)
CRY_ECP_MUL_WIN=y
......@@ -19,6 +19,94 @@
#include "cry/ecp.h"
#include "mpi/mpi_pvt.h" /* CRY_MPI_DIGIT_BITS */
#include <stdlib.h> /* malloc() */
#define CHK(exp) do { if ((res = (exp)) != 0) goto e; } while (0)
#ifdef CRY_ECP_MUL_WIN
#define WINSIZ 4
#define WINPTS (1 << WINSIZ)
#define WINMSK (WINPTS-1)
int cry_ecp_mul(cry_ecp *pr, const cry_ecp *p1, const cry_mpi *k,
const cry_mpi *a, const cry_mpi *p)
{
int res, i, j, w, paf = 1;
struct cry_ecp r, *win = NULL;
cry_mpi_digit msk;
if ((res = cry_ecp_init(&r)) != 0)
return res;
/*
* BEGIN window generation
*/
win = malloc(sizeof(cry_ecp) * WINPTS);
if (win == NULL)
goto e0;
for (i = 0; i < WINPTS; i++) {
if ((res = cry_ecp_init(&win[i])) != 0) { // 0P
while (i-- > 0) /* rollback */
cry_ecp_clear(&win[i]);
goto e1;
}
}
CHK(cry_ecp_copy(&win[1], p1)); // 1P
CHK(cry_ecp_dbl(&win[2], &win[1], a, p)); // 2P
CHK(cry_ecp_add(&win[3], &win[2], &win[1], p)); // 3P
CHK(cry_ecp_dbl(&win[4], &win[2], a, p)); // 4P
CHK(cry_ecp_add(&win[5], &win[4], &win[1], p)); // 5P
CHK(cry_ecp_add(&win[6], &win[5], &win[1], p)); // 6P
CHK(cry_ecp_add(&win[7], &win[6], &win[1], p)); // 7P
CHK(cry_ecp_dbl(&win[8], &win[4], a, p)); // 8P
CHK(cry_ecp_add(&win[9], &win[8], &win[1], p)); // 9P
CHK(cry_ecp_add(&win[10], &win[9], &win[1], p)); // 10P
CHK(cry_ecp_add(&win[11], &win[10], &win[1], p)); // 11P
CHK(cry_ecp_add(&win[12], &win[11], &win[1], p)); // 12P
CHK(cry_ecp_add(&win[13], &win[12], &win[1], p)); // 13P
CHK(cry_ecp_add(&win[14], &win[13], &win[1], p)); // 14P
CHK(cry_ecp_add(&win[15], &win[14], &win[1], p)); // 15P
/*
* END window generation
*/
i = k->used;
while (i > 0) {
i--;
w = (CRY_MPI_DIGIT_BITS - WINSIZ);
msk = ((cry_mpi_digit)WINMSK) << w;
j = CRY_MPI_DIGIT_BITS;
while (j > 0) {
if (!paf) {
for (w = 0; w < WINSIZ; w++)
CHK(cry_ecp_dbl(&r, &r, a, p));
}
j -= WINSIZ;
w = (k->data[i] & msk) >> j;
if (w > 0) {
if (!paf) {
CHK(cry_ecp_add(&r, &r, &win[w], p));
} else {
paf = 0; /* First addition */
CHK(cry_ecp_copy(&r, &win[w]));
}
}
msk >>= WINSIZ;
}
}
/* Success */
cry_ecp_swap(pr, &r);
e: for (i = 0; i < WINPTS; i++)
cry_ecp_clear(&win[i]);
e1: free(win);
e0: cry_ecp_clear(&r);
return res;
}
#else /* !CRY_ECP_MUL_WIN */
int cry_ecp_mul(cry_ecp *pr, const cry_ecp *p1, const cry_mpi *k,
const cry_mpi *a, const cry_mpi *p)
......@@ -58,3 +146,5 @@ e: cry_mpi_clear_list(&dp.x, &dp.y, &r.x, &r.y, 0);
return res;
}
#endif /* CRY_ECP_MUL_WIN */
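Review bot: When `malloc` fails, `goto e0` returns `res`, which is still 0 from the successful `cry_ecp_init(&r)`, so the windowed `cry_ecp_mul` reports success without ever writing `pr`. Set an error before the jump, e.g. `if (win == NULL) { res = -1; goto e0; }`, where `-1` is only a stand-in for whatever allocation-failure code the library uses. Separately, the main loop skips the doublings while `paf` is set, skips the addition when `w == 0`, and indexes `win[w]` directly with bits of the scalar, so its running time and memory access pattern depend on `k`. If callers (presumably the ECDSA signing code) pass a secret scalar, this deserves at least a comment at the top of the function, and ideally a uniform table lookup with an unconditional add. The non-windowed `cry_ecp_mul` after `#else` has its body outside the visible hunks.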