Factored out redundant squaring in Elligator

author Loup Vaillant <loup@loup-vaillant.fr>

Sun, 27 Jun 2021 16:29:28 +0000 (18:29 +0200)

committer Loup Vaillant <loup@loup-vaillant.fr>

Sun, 27 Jun 2021 16:32:19 +0000 (18:32 +0200)
author Loup Vaillant <loup@loup-vaillant.fr>
Sun, 27 Jun 2021 16:29:28 +0000 (18:29 +0200)
committer Loup Vaillant <loup@loup-vaillant.fr>
Sun, 27 Jun 2021 16:32:19 +0000 (18:32 +0200)
diff --git a/src/monocypher.c b/src/monocypher.c

index 8aeed41cd7c1268d026907c272f60b5b4650ad73..ccf496b415770ba1733ee6a8c035cf63e7ba508e 100644 (file)
--- a/src/monocypher.c
+++ b/src/monocypher.c
@@ -2719,7 +2719,8 @@ void crypto_hidden_to_curve(uint8_t curve[32], const uint8_t hidden[32])
  
      fe r, u, t1, t2, t3;
      fe_frombytes(r, clamped);
-    fe_sq2(t1, r);
+    fe_sq(r, r);
+    fe_add(t1, r, r);
      fe_add(u, t1, fe_one);
      fe_sq (t2, u);
      fe_mul(t3, A2, t1);
@@ -2728,8 +2729,7 @@ void crypto_hidden_to_curve(uint8_t curve[32], const uint8_t hidden[32])
      fe_mul(t1, t2, u);
      fe_mul(t1, t3, t1);
      int is_square = invsqrt(t1, t1);
-    fe_sq(u, r);
-    fe_mul(u, u, ufactor);
+    fe_mul(u, r, ufactor);
      fe_ccopy(u, fe_one, is_square);
      fe_sq (t1, t1);
      fe_mul(u, u, A);
author	Loup Vaillant <loup@loup-vaillant.fr>
	Sun, 27 Jun 2021 16:29:28 +0000 (18:29 +0200)
committer	Loup Vaillant <loup@loup-vaillant.fr>
	Sun, 27 Jun 2021 16:32:19 +0000 (18:32 +0200)