Unsignedio
/
micropython-curve25519
mirror of https://github.com/markqvist/micropython-curve25519.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

added special improvment for modulus in montgomery multiplication; improves speed by 10%

master
pmvr 2020-06-07 10:54:36 +02:00
parent 76356e23af
commit f315aeb232
3 changed files with 45 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
README.md
View File

@ -26,13 +26,13 @@ Python script `x25519.py`
Test vectors from https://tools.ietf.org/html/rfc8031#appendix-A
Test 1: X25519: q = d*u
Computatation time: 45 ms
Computatation time: 40 ms
q [hex/dec] = 66c7fb0d9f7090f777fa8493081ce8a4f174dbbbf9a36f16ba571206d4ddd548 46489245826987382655505058740283756869827209462947799117248009944518788765000
Test 1 passed.
Test 2: X25519 + y-coordinate recovery + transform to Edwards-curve
(x, y) = Edward(q, r), (q, r) = d*(u, v)
Computatation time: 50 ms
Computatation time: 45 ms
x [hex/dec] = 1ce7e6e3a747a25352df2d3155f06427ba389769e37755731dead2b54c5cef03 13074494971479542188989287385397236998770807488645203601973104535274459557635
y [hex/dec] = 4dd1c7c2001c147333ceedf77ebd48b1100e2a95f88cf1f40d1b74ec7279e657 35198739055214410372845858661063095427357109357427482712729161712065293444695
Test 2 passed.
@ -41,23 +41,23 @@ Python script `x25519.py`
Python script `ed25519.py`
Test 1: Length of message: 0 bytes
Computatation time: 101 ms
Computatation time: 91 ms
Test 1 passed.
Test 2: Length of message: 1 byte
Computatation time: 101 ms
Computatation time: 91 ms
Test 2 passed.
Test 3: Length of message: 2 bytes
Computatation time: 101 ms
Computatation time: 91 ms
Test 3 passed.
Test 4: Length of message: 1023 bytes
Computatation time: 110 ms
Computatation time: 100 ms
Test 4 passed.
Test 5: Length of message: 64 bytes
Computatation time: 102 ms
Computatation time: 92 ms
Test 5 passed.
## Warning

41
mpy-modules/curve25519/arithmetic.c
View File

@ -132,7 +132,40 @@ void mul_zx0y0(uint32_t *z, uint32_t x, uint32_t y) {
: : "r" (x), "r" (y), "r" (z) : "r5", "r6"
);
}
void pu(uint32_t *t, uint32_t u) {
// computes (2^255 -19) * u
__asm__ volatile (
"MOV r3, 19\n"
"UMULL r5, r6, r3, %1\n"
"MOV r2, 0\n"
"LSRS %1, %1, 1\n"
"RRXS r2, r2\n"
"MOV r3, 0\n"
"SUBS r4, r3, r5\n"
"STMIA %0!, {r4}\n"
"SBCS r4, r3, r6\n"
"STMIA %0!, {r4}\n"
"SBCS r4, r3, r3\n"
"STMIA %0!, {r4}\n"
"SBCS r4, r3, r3\n"
"STMIA %0!, {r4}\n"
"SBCS r4, r3, r3\n"
"STMIA %0!, {r4}\n"
"SBCS r4, r3, r3\n"
"STMIA %0!, {r4}\n"
"SBCS r4, r3, r3\n"
"STMIA %0!, {r4}\n"
"SBCS r4, r2, r3\n"
"STMIA %0!, {r4}\n"
"SBCS r4, %1, r3\n"
"STMIA %0, {r4}\n"
//"SUBS %0, %0, 32\n"
: : "r" (t), "r" (u) : "r2", "r3", "r4", "r5", "r6"
);
}
void mont_mul_zxy_mod_p(uint32_t *z, uint32_t *x, uint32_t *y, uint32_t *p) {
// see Alg. 14.36 HoAC
@ -146,7 +179,8 @@ void mont_mul_zxy_mod_p(uint32_t *z, uint32_t *x, uint32_t *y, uint32_t *p) {
u = (a[0] + x[i] * y[0]) * 678152731;
mul_zxy(tmp, y, x[i]);
a[8] += tmp[8] + add_zxy(a, a, tmp);
mul_zxy(tmp, p, u);
// mul_zxy(tmp, p, u);
pu(tmp, u);
a[8] += tmp[8] + add_zxy(a, a, tmp); // A <- (A + xi y + u m) / b
for (int j=0; j<8; j++) a[j] = a[j+1];
a[8] = 0;
@ -168,7 +202,8 @@ void mont_mul_zxy0_mod_p(uint32_t *z, uint32_t *x, uint32_t y, uint32_t *p) {
u = (a[0] + x[i] * y) * 678152731;
mul_zx0y0(tmp, x[i], y);
a[8] += tmp[8] + add_zxy(a, a, tmp);
mul_zxy(tmp, p, u);
// mul_zxy(tmp, p, u);
pu(tmp, u);
a[8] += tmp[8] + add_zxy(a, a, tmp); // A <- (A + xi y + u m) / b
for (int j=0; j<8; j++) a[j] = a[j+1];
a[8] = 0;

2
mpy-modules/curve25519/main.c
View File

@ -1,10 +1,8 @@
// Include the header file to get access to the MicroPython API
#include "py/dynruntime.h"
#include "arithmetic.h"
#include "ec.h"
// This is the function which will be called from Python
STATIC mp_obj_t x25519(mp_obj_t k, mp_obj_t u) {
mp_buffer_info_t bufinfo_k, bufinfo_u;