berendsliedrecht
commented
1 year ago Out of scope for this PR, but I think the equivalent is not happening for the pure rust implementation, correct?
Closed jovfer closed 1 year ago
berendsliedrecht
commented
1 year ago Out of scope for this PR, but I think the equivalent is not happening for the pure rust implementation, correct?
jovfer
commented
1 year ago @berendsliedrecht seems like that. I don't expect zeroing from default BigNum implementation. Another side question: is the pure rust usable at all? I tried some tests and got x15 slow down vs openssl.
berendsliedrecht
commented
1 year ago @berendsliedrecht seems like that. I don't expect zeroing from default BigNum implementation.
Probably have to add there then as well.
Another side question: is the pure rust usable at all? I tried some tests and got x15 slow down vs openssl.
Yes, it is usable. The downside of the pure rust implementation is that it does not rely on openssl's massively optimized safe prime generator. Right now, IIRC, we rely on glass_pumpkin for this, which does not have access to a lot of asm optimizations.
This basically means that it is usable for the holder and verifier but the issuer will have to deal with massive slow downs sadly.
Mike, the author of glass_pumpkin has created another library unknown_order which we should probably use for all BN related work. It comes built in with a pure rust, openssl and GMP versions. This would remove quite a bit of code from this repository, but that is for another time I'd say.
Fix #26