curve25519-voi
curve25519-voi copied to clipboard
oasisprotocol
High-performance Curve25519/ristretto255 for Go.
This serves as a tracking issue to document which targets[1] are supported, along with ancillary information. | GOARCH | Supported | Backend | Notes | | :---: | :---: |...
``` # github.com/oasisprotocol/curve25519-voi/curve curve/edwards_vector_amd64.s:195:1: [amd64] vecConditionalSelect_AVX2: wrong argument size 32; expected $...-28 curve/edwards_vector_amd64.s:201:1: [amd64] vecConditionalSelect_AVX2: invalid VPBROADCASTD of mask+24(FP); uint32 is 4-byte value curve/window_amd64.s:9:1: [amd64] lookupAffineNiels: wrong argument size 24;...
At some point the sr25519 code should also have precomputation support for feature parity with ed25519. The gains here are not going to be as big because we do not...
Right now, the strategy used for batch verification with forgery identification is to fall back to serial verification. Per ["Faster batch fogery identification"](https://eprint.iacr.org/2012/549.pdf), it is possible to reuse intermediaries from...
fiat-crypto experimental sandbox (See: #78) * [x] fiat-crypto based u64 backend * [x] fiat-crypto base u32 backend * [x] Investigate performance * `CarryMul` * `CarrySquare` * `Add`/`Sub`/`Opp` + `Carry`(Upstream integrated...
[fiat-crypto][1] has neat formally verified/auto-generated field arithmetic that can be used to replace the fiddly bits of the internal/field package. It would be nice to be able to use it,...
Since the required underlying group operations are implemented, it would be relatively easy to support things like sr25519. Due to the popularity in certain spaces, this library should do so...
While there are a number of build tags to try to force the no assembly and 32-bit backends to be build and exercised this really should build and test with...
I poked at this in a branch, before not doing it because it is extremely expensive and only applicable to people doing something rather exotic, but there's no reason why...
During the external review it was pointed out that the field multiply, square, and inverse would gain some performance if the implementation used 64-bit saturated limbs. Since the relevant `math/bits`...
Metadata
Owner
Metadata
High-performance Curve25519/ristretto255 for Go.