Commit 994812cf authored by Mike Hamburg's avatar Mike Hamburg

differentiate curve

parent c50e8e8b
This diff is collapsed.
This diff is collapsed.
......@@ -266,12 +266,12 @@ int main(int argc, char **argv) {
when = now() - when;
printf("barrett mac: %5.1fns\n", when * 1e9 / i);
decaf_scalar_t asc,bsc,csc;
decaf_448_scalar_t asc,bsc,csc;
memset(asc,0,sizeof(asc));
memset(bsc,0,sizeof(bsc));
when = now();
for (i=0; i<nbase*10; i++) {
decaf_scalar_mul(csc,asc,bsc);
decaf_448_scalar_mul(csc,asc,bsc);
}
when = now() - when;
printf("decaf mulsc: %5.1fns\n", when * 1e9 / i);
......@@ -296,13 +296,13 @@ int main(int argc, char **argv) {
when = now() - when;
printf("txt + txt : %5.1fns\n", when * 1e9 / i);
decaf_point_t Da,Db,Dc;
decaf_448_point_t Da,Db,Dc;
memset(Da,0,sizeof(Da));
memset(Db,0,sizeof(Db));
memset(Dc,0,sizeof(Dc));
when = now();
for (i=0; i<nbase*100; i++) {
decaf_point_add(Da,Db,Dc);
decaf_448_point_add(Da,Db,Dc);
}
when = now() - when;
printf("dec + dec: %5.1fns\n", when * 1e9 / i);
......@@ -368,14 +368,14 @@ int main(int argc, char **argv) {
when = now();
for (i=0; i<nbase/10; i++) {
decaf_point_scalarmul(Da,Db,asc);
decaf_448_point_scalarmul(Da,Db,asc);
}
when = now() - when;
printf("decaf slow: %5.1fµs\n", when * 1e6 / i);
when = now();
for (i=0; i<nbase/10; i++) {
decaf_point_double_scalarmul(Da,Db,bsc,Dc,asc);
decaf_448_point_double_scalarmul(Da,Db,bsc,Dc,asc);
}
when = now() - when;
printf("decaf slo2: %5.1fµs\n", when * 1e6 / i);
......
......@@ -8,13 +8,13 @@
mpz_t mp_field;
mpz_t mp_scalar_field;
static void decaf_scalar_print (
static void decaf_448_scalar_print (
const char *descr,
const decaf_scalar_t scalar
const decaf_448_scalar_t scalar
) {
int j;
printf("%s = 0x", descr);
for (j=DECAF_SCALAR_LIMBS-1; j>=0; j--) {
for (j=DECAF_448_SCALAR_LIMBS-1; j>=0; j--) {
printf(PRIxWORDfull, scalar->limb[j]);
}
printf("\n");
......@@ -35,24 +35,24 @@ static mask_t mpz_to_field (
}
static mask_t mpz_to_scalar (
decaf_scalar_t out,
decaf_448_scalar_t out,
const mpz_t in
) {
uint8_t ser[DECAF_SCALAR_BYTES];
uint8_t ser[DECAF_448_SCALAR_BYTES];
mpz_t modded;
memset(ser,0,sizeof(ser));
mpz_init(modded);
mpz_mod(modded, in, mp_scalar_field);
mpz_export(ser, NULL, -1, 1, -1, 0, modded);
mask_t succ = decaf_scalar_decode(out, ser);
mask_t succ = decaf_448_scalar_decode(out, ser);
return succ;
}
static mask_t scalar_assert_eq_gmp(
const char *descr,
const decaf_scalar_t a,
const decaf_scalar_t b,
const decaf_scalar_t x,
const decaf_448_scalar_t a,
const decaf_448_scalar_t b,
const decaf_448_scalar_t x,
const mpz_t ma,
const mpz_t mb,
const mpz_t y
......@@ -62,7 +62,7 @@ static mask_t scalar_assert_eq_gmp(
memset(yser,0,sizeof(yser));
decaf_scalar_encode(xser, x);
decaf_448_scalar_encode(xser, x);
mpz_init(modded);
mpz_mod(modded, y, mp_scalar_field);
......@@ -71,9 +71,9 @@ static mask_t scalar_assert_eq_gmp(
if (memcmp(xser,yser,FIELD_BYTES)) {
youfail();
printf(" Failed arithmetic test %s\n", descr);
decaf_scalar_print(" a", a);
decaf_scalar_print(" b", b);
decaf_scalar_print(" decaf", x);
decaf_448_scalar_print(" a", a);
decaf_448_scalar_print(" b", b);
decaf_448_scalar_print(" decaf_448", x);
// printf(" gmpa = 0x");
int j;
......@@ -217,22 +217,22 @@ static mask_t test_scalar (
const mpz_t x,
const mpz_t y
) {
decaf_scalar_t xx,yy,tt;
decaf_448_scalar_t xx,yy,tt;
mpz_t t;
mask_t succ = MASK_SUCCESS;
succ = mpz_to_scalar(xx,x);
succ &= mpz_to_scalar(yy,y);
mpz_init(t);
decaf_scalar_add(tt,xx,yy);
decaf_448_scalar_add(tt,xx,yy);
mpz_add(t,x,y);
succ &= scalar_assert_eq_gmp("scalar add",xx,yy,tt,x,y,t);
decaf_scalar_sub(tt,xx,yy);
decaf_448_scalar_sub(tt,xx,yy);
mpz_sub(t,x,y);
succ &= scalar_assert_eq_gmp("scalar sub",xx,yy,tt,x,y,t);
decaf_scalar_mul(tt,xx,yy);
decaf_448_scalar_mul(tt,xx,yy);
mpz_mul(t,x,y);
succ &= scalar_assert_eq_gmp("scalar mul",xx,yy,tt,x,y,t);
......@@ -322,7 +322,7 @@ int test_arithmetic (void) {
mpz_init(mp_field);
mpz_import(mp_field, FIELD_BYTES, -1, 1, -1, 0, FIELD_MODULUS);
mpz_import(mp_scalar_field, DECAF_SCALAR_LIMBS, -1, sizeof(decaf_word_t), -1, 0, decaf_scalar_p);
mpz_import(mp_scalar_field, DECAF_448_SCALAR_LIMBS, -1, sizeof(decaf_word_t), -1, 0, decaf_448_scalar_p);
mpz_t x,y;
mpz_init(x);
......
......@@ -157,14 +157,14 @@ add_double_test (
copy_tw_extensible(&textb, &text1);
add_tw_pniels_to_tw_extensible(&textb, &pn);
decaf_point_t ted3;
decaf_448_point_t ted3;
convert_tw_extensible_to_tw_extended(&ted1, &text1);
convert_tw_extensible_to_tw_extended(&ted2, &text2);
decaf_point_add(ted3, (struct decaf_point_s*)&ted1, (struct decaf_point_s*)&ted2);
decaf_448_point_add(ted3, (struct decaf_448_point_s*)&ted1, (struct decaf_448_point_s*)&ted2);
add_tw_extended(&ted1, &ted2);
convert_tw_extensible_to_tw_extended(&ted2, &textb);
if (~decaf_eq_tw_extended(&ted1, &ted2) | ~decaf_point_eq((struct decaf_point_s*)&ted1, ted3)) {
if (~decaf_eq_tw_extended(&ted1, &ted2) | ~decaf_448_point_eq((struct decaf_448_point_s*)&ted1, ted3)) {
youfail();
succ = 0;
printf(" Tw extended simple compat:\n");
......@@ -362,13 +362,13 @@ int test_decaf_evil (void) {
decaf_serialize_tw_extended(out_ed, pt_ed);
uint8_t ser_de[56], ser_ed[56];
decaf_point_t pt_dec, pt_dec2;
decaf_448_point_t pt_dec, pt_dec2;
memcpy(pt_dec, pt_ed, sizeof(pt_dec));
decaf_point_encode(ser_de, pt_dec);
mask_t succ_dec = decaf_point_decode(pt_dec2, ser_de, -1);
decaf_448_point_encode(ser_de, pt_dec);
mask_t succ_dec = decaf_448_point_decode(pt_dec2, ser_de, -1);
field_serialize(ser_ed, out_ed);
decaf_point_t p,q,m;
decaf_448_point_t p,q,m;
uint8_t oo_base_ser[56], n_base_ser[56];
field_a_t oo_base,tmp,tmp2;
field_isr(tmp,base);
......@@ -378,17 +378,17 @@ int test_decaf_evil (void) {
field_serialize(oo_base_ser,oo_base);
field_neg(tmp,base);
field_serialize(n_base_ser,tmp); // = -base
decaf_point_from_hash_nonuniform (p,random_input);
decaf_point_from_hash_nonuniform (q,oo_base_ser);
decaf_point_from_hash_nonuniform (m,n_base_ser);
mask_t succ_nur = decaf_point_valid(p);
succ_nur &= decaf_point_valid(q);
succ_nur &= decaf_point_valid(m);
decaf_448_point_from_hash_nonuniform (p,random_input);
decaf_448_point_from_hash_nonuniform (q,oo_base_ser);
decaf_448_point_from_hash_nonuniform (m,n_base_ser);
mask_t succ_nur = decaf_448_point_valid(p);
succ_nur &= decaf_448_point_valid(q);
succ_nur &= decaf_448_point_valid(m);
mask_t eq_neg, eq_pos;
eq_neg = decaf_point_eq(m,p);
decaf_point_add(m,p,q);
eq_pos = decaf_point_eq(m,decaf_point_identity);
eq_neg = decaf_448_point_eq(m,p);
decaf_448_point_add(m,p,q);
eq_pos = decaf_448_point_eq(m,decaf_448_point_identity);
if ((care_should && should != s_m)
|| ~s_base || s_e != s_te || s_m != s_te || s_ed != s_te
......@@ -396,9 +396,9 @@ int test_decaf_evil (void) {
|| (s_ed && ~field_eq(out_e,out_ed))
|| memcmp(ser_de, ser_ed, 56)
|| (s_e & ~succ_dec)
|| (s_e & ~decaf_point_eq(pt_dec, pt_dec2)
|| (s_e & ~decaf_point_valid(pt_dec))
|| (succ_dec & ~decaf_point_valid(pt_dec2))
|| (s_e & ~decaf_448_point_eq(pt_dec, pt_dec2)
|| (s_e & ~decaf_448_point_valid(pt_dec))
|| (succ_dec & ~decaf_448_point_valid(pt_dec2))
|| ~succ_nur
|| ~eq_neg
|| ~eq_pos)
......@@ -436,13 +436,13 @@ int test_decaf (void) {
int i, hits = 0, fails = 0;
if (~decaf_point_valid(decaf_point_base)) {
if (~decaf_448_point_valid(decaf_448_point_base)) {
youfail();
printf(" Decaf base point invalid\n");
fails++;
}
if (~decaf_point_valid(decaf_point_identity)) {
if (~decaf_448_point_valid(decaf_448_point_identity)) {
youfail();
printf(" Decaf identity point invalid\n");
fails++;
......
......@@ -111,10 +111,10 @@ single_scalarmul_compatibility_test (
scalarmul_vt(&work, scalar, nbits);
untwist_and_double_and_serialize(vt, &work);
decaf_point_t ed2;
decaf_448_point_t ed2;
tw_extended_a_t ed;
convert_tw_extensible_to_tw_extended(ed, &text);
decaf_point_scalarmul(ed2, (struct decaf_point_s *)ed, (struct decaf_scalar_s *)scalar);
decaf_448_point_scalarmul(ed2, (struct decaf_448_point_s *)ed, (struct decaf_448_scalar_s *)scalar);
scalarmul_ed(ed, scalar);
field_copy(work.x, ed->x);
......@@ -125,8 +125,8 @@ single_scalarmul_compatibility_test (
untwist_and_double_and_serialize(sced, &work);
uint8_t ser1[(FIELD_BITS+6)/8], ser2[(FIELD_BITS+6)/8];
decaf_point_encode(ser1, (struct decaf_point_s *)ed);
decaf_point_encode(ser2, ed2);
decaf_448_point_encode(ser1, (struct decaf_448_point_s *)ed);
decaf_448_point_encode(ser2, ed2);
/* check consistency mont vs window */
consistent &= field_eq(mont, ct);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment