openssl/crypto/ec
Billy Brumley 9d91530d2d EC GFp ladder
This commit leverages the Montgomery ladder scaffold introduced in #6690
(alongside a specialized Lopez-Dahab ladder for binary curves) to
provide a specialized differential addition-and-double implementation to
speed up prime curves, while keeping all the features of
`ec_scalar_mul_ladder` against SCA attacks.

The arithmetic in ladder_pre, ladder_step and ladder_post is
auto-generated with tooling, from the following formulae:

- `ladder_pre`: Formula 3 for doubling from Izu-Takagi "A fast parallel
  elliptic curve multiplication resistant against side channel attacks",
  as described at
  https://hyperelliptic.org/EFD/g1p/auto-shortw-xz.html#doubling-dbl-2002-it-2
- `ladder_step`: differential addition-and-doubling Eq. (8) and (10)
  from Izu-Takagi "A fast parallel elliptic curve multiplication
  resistant against side channel attacks", as described at
  https://hyperelliptic.org/EFD/g1p/auto-shortw-xz.html#ladder-ladd-2002-it-3
- `ladder_post`: y-coordinate recovery using Eq. (8) from Brier-Joye
  "Weierstrass Elliptic Curves and Side-Channel Attacks", modified to
  work in projective coordinates.

Co-authored-by: Nicola Tuveri <nic.tuv@gmail.com>

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6772)
2018-07-26 19:41:16 +02:00
asm Add ec/asm/x25519-ppc64.pl module. 2018-07-26 14:01:49 +02:00
curve448 Remove some logically dead code 2018-05-31 10:38:51 +01:00
build.info Add ec/asm/x25519-ppc64.pl module. 2018-07-26 14:01:49 +02:00
curve25519.c ec/curve25519.c: reorganize for better accessibility. 2018-07-15 19:06:06 +02:00
ec2_oct.c
ec2_smpl.c EC2M Lopez-Dahab ladder: use it also for ECDSA verify 2018-07-16 10:17:40 +01:00
ec_ameth.c Check for failures, to avoid memory leak 2018-07-25 15:57:18 -04:00
ec_asn1.c ECDSA_SIG: add simple getters for commonly used struct members 2018-05-28 19:11:23 +02:00
ec_check.c
ec_curve.c Improve compatibility of point and curve checks 2018-05-24 17:17:44 +01:00
ec_cvt.c
ec_err.c EC2M Lopez-Dahab ladder: use it also for ECDSA verify 2018-07-16 10:17:40 +01:00
ec_key.c Update copyright year 2018-04-17 15:18:40 +02:00
ec_kmeth.c
ec_lcl.h EC GFp ladder 2018-07-26 19:41:16 +02:00
ec_lib.c EC2M Lopez-Dahab ladder: use it also for ECDSA verify 2018-07-16 10:17:40 +01:00
ec_mult.c EC2M Lopez-Dahab ladder: use it also for ECDSA verify 2018-07-16 10:17:40 +01:00
ec_oct.c Improve compatibility of point and curve checks 2018-05-24 17:17:44 +01:00
ec_pmeth.c ec/ec_pmeth.c: minor cleanups and readability fixes. 2018-06-25 16:42:43 +02:00
ec_print.c Update copyright year 2018-04-17 15:18:40 +02:00
ecdh_kdf.c
ecdh_ossl.c Update copyright year 2018-04-03 13:57:12 +01:00
ecdsa_ossl.c ec/ecdsa_ossl.c: switch to fixed-length Montgomery multiplication. 2018-07-18 16:09:56 +02:00
ecdsa_sign.c
ecdsa_vrf.c
eck_prn.c
ecp_mont.c EC GFp ladder 2018-07-26 19:41:16 +02:00
ecp_nist.c EC GFp ladder 2018-07-26 19:41:16 +02:00
ecp_nistp224.c EC2M Lopez-Dahab ladder: use it also for ECDSA verify 2018-07-16 10:17:40 +01:00
ecp_nistp256.c EC2M Lopez-Dahab ladder: use it also for ECDSA verify 2018-07-16 10:17:40 +01:00
ecp_nistp521.c EC2M Lopez-Dahab ladder: use it also for ECDSA verify 2018-07-16 10:17:40 +01:00
ecp_nistputil.c
ecp_nistz256_table.c
ecp_nistz256.c ec/ecp_nistz256.c: fix Coverity nit. 2018-07-25 15:45:18 +02:00
ecp_oct.c
ecp_smpl.c EC GFp ladder 2018-07-26 19:41:16 +02:00
ecx_meth.c Add support getting raw private/public keys 2018-06-08 10:04:09 +01:00