-
-
Notifications
You must be signed in to change notification settings - Fork 672
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
core/crypto: Even more improvments #3288
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Yawning
force-pushed
the
feature/even-moar-crypto
branch
8 times, most recently
from
March 25, 2024 23:47
ef47b1e
to
3b1b3e9
Compare
Yawning
force-pushed
the
feature/even-moar-crypto
branch
14 times, most recently
from
April 4, 2024 11:58
30a7e54
to
2d9a0dc
Compare
Yawning
force-pushed
the
feature/even-moar-crypto
branch
8 times, most recently
from
April 7, 2024 17:52
2dfc905
to
c7aa5a6
Compare
Yawning
force-pushed
the
feature/even-moar-crypto
branch
from
April 8, 2024 05:26
c7aa5a6
to
26996e2
Compare
This allows runtime detection as to if `rand_bytes` is supported or not, and lets us enable the test-case on all of the supported targets.
Largely for consistency with the generic code, either is valid with Odin semantics, but this is easier to comprehend.
Yawning
force-pushed
the
feature/even-moar-crypto
branch
5 times, most recently
from
April 9, 2024 05:05
962db2e
to
f22e1d1
Compare
Yawning
force-pushed
the
feature/even-moar-crypto
branch
from
April 9, 2024 05:38
f22e1d1
to
fa1d681
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Faster scalar-basepoint multiply(defered, a lot of extra complexity)Performance isn't amazing, clocking in at ~58 us keygen/sign, and ~60(+5) us verify. But as I made a conscious decision to tradeoff performance for "easy to implement, understand, and audit", this is more than acceptable. For reference, an implementation that pulls out all the stops does sign/keygen in ~18 us, and verify in ~37 us on my system, when the assembly is disabled.
The low hanging fruit for future improvement would be to add the comb based scalar-basepoint multiply, since that can also accelerate X25519 keygen. Improving the verify performance would require using the lattice decompose-then-multiply, which is incredibly complicated, and the existing implementation is ballpark competitive with others since the difference between a 4-bit fixed window, vs 5-bit sliding window isn't massive.