-
In order to use ECC as part of a merkle tree we need to construct a scheme where the collision resistance property is retained at every level, and where proof of the leaf preimage is required.
For …
-
In order to support more elaborate optimizations for the underlying multi-precision arithmetic, it might help to introduce a simpler "generic assembly" precisely for this purpose. Rather than manipula…
-
It has been almost a year since last release of BigInts. I would like to prioritize issues, and know which features are expected for the next release (next tag) of BigInt. There are no labels put on i…
-
WDYT? Is this publication in scope?
```
@article{Montgomery_1985,
author = {Montgomery, Peter L.},
doi = {10.1090/s0025-5718-1985-0777282-x},
issn = {1088-6842},
journal = {Mathematics of Computat…
aewag updated
2 weeks ago
-
Vast majority of computation cost lies in ge_add. mkp uses same technique as horse, that is adding 8-multiplies to a work public point, and bumping the secret scalar by 8 in lockstep.
One step cost…
-
An improved Montgomery algorithm, up to 50% performance improvement. It utilizes the particularity of low-order multiplication and mod B^n-1 algorithm to reduce the number of calculations. I have wr…
-
Hi! As part of a freelance work for [xelis](https://github.com/xelis-project/), I have been working on an implementation of [FastECDLP](https://eprint.iacr.org/2022/1573). My implementation works, and…
-
This issue tracks the progress on https://github.com/privacy-scaling-explorations/halo2/issues/187
##### Original text
> [ ] (optional +10% perf) implement extended Jacobian coordinates. Their m…
-
Thank you @tarcieri for the conversation (tag: @fjarri )
I would like to know the `pros` and `cons` of field arithmetic by **64 bit * 4** and **52 bit * 5**.
In bitcoin-core and rust crypto impl…
-
**Issue:** The current contract for `montgomery_reduce()` only guarantees that the output is within int16 bounds. This is not sufficient to prove the correctness of the matrix-vector base multiplicati…