mpn_sec_add_1_itch

Niels Möller nisse at lysator.liu.se
Sat Jul 5 21:25:30 UTC 2014


tg at gmplib.org (Torbjörn Granlund) writes:

> nisse at lysator.liu.se (Niels Möller) writes:
>
>   Can we document that mpn_sec_add_1_itch(n) <= n? I see no reason any
>   implementation would need more scratch space, and this makes it possible
>   to skip the function call to the itch function if one is willing to
>   always pass n limbs of scratch. E.g., if one has a dead area around
>   anyway.
>
> This makes sense.

Done.

>     cy = mpn_addmul_1 (rp, rp + 4, (mp_limb_t) 19 << 1);
>
> We seem to have forgotten to document that that operand overlap is
> permitted.  Perhaps you could fix that too?  (mpn_mul_1 has it, copying
> to addmul_1 and submul_1 would probably be sufficient.)

No overlap was intended there (I forgot the length 4 argument in the
example). But I've done that documentation change too, while at it.

I even have an apparently working mod (2^{255} - 19) function now, see
https://git.lysator.liu.se/nettle/nettle/blob/curve25519/ecc-25519.c
(not yet using GMP's mpn_sec_add_1, but an earlier incarnation, though).
Remains to figure out how to apply
http://cr.yp.to/papers.html#newelliptic to the ecc group operations.

Regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.
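The reduction step behind the addmul_1 call quoted above (folding the high limbs back in with the multiplier 19 << 1 = 38, since 2^256 is congruent to 38 mod 2^255 - 19), written out as an added, self-contained example. This is not Nettle's ecc-25519.c or GMP code: `addmul_1` and `add_1` below are hypothetical stand-ins for mpn_addmul_1 / mpn_add_1 with the same calling convention (the length argument included), and the final conditional subtraction uses a mask rather than a branch so that control flow does not depend on the value.

```c
#include <stdint.h>
#include <stddef.h>

typedef uint64_t limb_t;
typedef unsigned __int128 dlimb_t;

/* Stand-in for mpn_addmul_1 (assumed signature): rp[0..n) += up[0..n) * v, returns carry limb. */
static limb_t addmul_1(limb_t *rp, const limb_t *up, size_t n, limb_t v)
{
  limb_t cy = 0;
  for (size_t i = 0; i < n; i++) {
    dlimb_t t = (dlimb_t) up[i] * v + rp[i] + cy;
    rp[i] = (limb_t) t;
    cy = (limb_t) (t >> 64);
  }
  return cy;
}

/* Stand-in for mpn_add_1 (assumed signature): rp[0..n) = ap[0..n) + b, returns carry limb. */
static limb_t add_1(limb_t *rp, const limb_t *ap, size_t n, limb_t b)
{
  for (size_t i = 0; i < n; i++) {
    limb_t s = ap[i] + b;
    b = (s < b);             /* carry out of this limb */
    rp[i] = s;
  }
  return b;
}

/* Reduce an 8-limb value xp (< 2^512) mod p = 2^255 - 19; rp gets the canonical 4-limb result (< p). */
void reduce_25519(limb_t *rp, const limb_t *xp)
{
  limb_t t[4], s[4], borrow = 0;
  static const limb_t p[4] = { ~(limb_t) 18, ~(limb_t) 0, ~(limb_t) 0, ~(limb_t) 0 >> 1 };
  for (int i = 0; i < 4; i++) t[i] = xp[i];
  /* 2^256 == 38 (mod p): fold the high 4 limbs into the low 4. Sum < 39 * 2^256, so cy <= 38. */
  limb_t cy = addmul_1(t, xp + 4, 4, (limb_t) 19 << 1);
  /* Fold the carry the same way; a second carry is at most 1 and then t is tiny, so the third fold cannot carry. */
  cy = add_1(t, t, 4, cy * 38);
  add_1(t, t, 4, cy * 38);
  /* t < 2^256: clear bit 255 and add 19 for it (2^255 == 19 mod p), so t < 2^255 + 19. */
  limb_t top = t[3] >> 63;
  t[3] &= ~((limb_t) 1 << 63);
  add_1(t, t, 4, top * 19);
  /* Conditional subtraction of p: compute s = t - p, then select by mask on the final borrow. */
  for (int i = 0; i < 4; i++) {
    dlimb_t d = (dlimb_t) t[i] - p[i] - borrow;
    s[i] = (limb_t) d;
    borrow = (limb_t) (d >> 64) & 1;
  }
  limb_t keep = -borrow;     /* all ones if t < p (keep t), zero if t >= p (take s) */
  for (int i = 0; i < 4; i++) rp[i] = (t[i] & keep) | (s[i] & ~keep);
}
```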