From 349df9d00884331d89693c98dabb57e89bb5cd06 Mon Sep 17 00:00:00 2001 From: Loup Vaillant Date: Wed, 5 Dec 2018 23:44:33 +0100 Subject: [PATCH] Fully pre-compute the base point window --- src/monocypher.c | 64 +++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 63 insertions(+), 1 deletion(-) diff --git a/src/monocypher.c b/src/monocypher.c index 39e3bf9..4e7a2e9 100644 --- a/src/monocypher.c +++ b/src/monocypher.c @@ -1585,6 +1585,62 @@ static void ge_double(ge *s, const ge *p, ge *q) fe_mul(s->T, q->X , q->T); } +static const fe B_Yp[16] = { + {25967493, -14356035, 29566456, 3660896, -12694345, + 4014787, 27544626, -11754271, -6079156, 2047605}, + {15636291, -9688557, 24204773, -7912398, 616977, + -16685262, 27787600, -14772189, 28944400, -1550024}, + {10861363, 11473154, 27284546, 1981175, -30064349, + 12577861, 32867885, 14515107, -15438304, 10819380}, + {5153746, 9909285, 1723747, -2777874, 30523605, + 5516873, 19480852, 5230134, -23952439, -15175766}, + {-22518993, -6692182, 14201702, -8745502, -23510406, + 8844726, 18474211, -1361450, -13062696, 13821877}, + {-25154831, -4185821, 29681144, 7868801, -6854661, + -9423865, -12437364, -663000, -31111463, -16132436}, + {-33521811, 3180713, -2394130, 14003687, -16903474, + -16270840, 17238398, 4729455, -18074513, 9256800}, + {-3151181, -5046075, 9282714, 6866145, -31907062, + -863023, -18940575, 15033784, 25105118, -7894876}, +}; +static const fe B_Ym[16] = { + {-12545711, 934262, -2722910, 3049990, -727428, + 9406986, 12720692, 5043384, 19500929, -15469378}, + {16568933, 4717097, -11556148, -1102322, 15682896, + -11807043, 16354577, -11775962, 7689662, 11199574}, + {4708026, 6336745, 20377586, 9066809, -11272109, + 6594696, -25653668, 12483688, -12668491, 5581306}, + {-30269007, -3463509, 7665486, 10083793, 28475525, + 1649722, 20654025, 16520125, 30598449, 7715701}, + {-6455177, -7839871, 3374702, -4740862, -27098617, + -10571707, 31655028, -7212327, 18853322, -14220951}, + {25576264, -2703214, 7349804, -11814844, 16472782, + 9300885, 3844789, 15725684, 171356, 6466918}, + {-25182317, -4174131, 32336398, 5036987, -21236817, + 11360617, 22616405, 9761698, -19827198, 630305}, + {-24326370, 15950226, -31801215, -14592823, -11662737, + -5090925, 1573892, -2625887, 2198790, -15804619}, +}; +static const fe B_T2[16] = { + {-8738181, 4489570, 9688441, -14785194, 10184609, + -12363380, 29287919, 11864899, -24514362, -4438546}, + {30464156, -5976125, -11779434, -15670865, 23220365, + 15915852, 7512774, 10017326, -17749093, -9920357}, + {19563160, 16186464, -29386857, 4097519, 10237984, + -4348115, 28542350, 13850243, -23678021, -15815942}, + {28881845, 14381568, 9657904, 3680757, -20181635, + 7843316, -31400660, 1370708, 29794553, -1409300}, + {4566830, -12963868, -28974889, -12240689, -7602672, + -2830569, -8514358, -10431137, 2207753, -3209784}, + {23103977, 13316479, 9739013, -16149481, 817875, + -15038942, 8965339, -14088058, -30714912, 16193877}, + {-13720693, 2639453, -24237460, -7406481, 9494427, + -5774029, -6554551, -15960994, -2449256, -14291300}, + {-3099351, 10324967, -2241613, 7453183, -5446979, + -2735503, -13812022, -16236442, -32461234, -12290683}, +}; + + #define WINDOW_WIDTH 5 #define WINDOW_SIZE (1<<(WINDOW_WIDTH-2)) @@ -1647,7 +1703,13 @@ static void ge_double_scalarmult_vartime(ge *sum, const ge *P, // cached points for addition ge_cached cP[WINDOW_SIZE]; ge_precompute(cP, P); - ge_cached cB[WINDOW_SIZE]; ge_precompute(cB, &B); + ge_cached cB[WINDOW_SIZE]; + FOR (i, 0, WINDOW_SIZE) { + fe_copy(cB[i].Yp, B_Yp[i]); + fe_copy(cB[i].Ym, B_Ym[i]); + fe_copy(cB[i].T2, B_T2[i]); + fe_1 (cB[i].Z); + } i8 p_adds[253 + WINDOW_WIDTH]; slide(WINDOW_WIDTH, p_adds, p); i8 b_adds[253 + WINDOW_WIDTH]; slide(WINDOW_WIDTH, b_adds, b); -- 2.47.3