mratsim
commented
4 months ago Benches:
Closed mratsim closed 4 months ago
mratsim
commented
4 months ago Benches:
mratsim
commented
4 months ago Now Tonelli-Shanks vartime is not much slower for sqrt than a simple prime p ≡ 5 (mod 8). Note that Edwards25519 curve uses Montgomery representation at the moment and does not use fast reduction techniques from it's Pseudo-Mersenne Prime properties.
advaita-saha
commented
4 months ago This builds on top of #354 and #356 to bring a further 20% perf improvement to Bandersnatch/Banderwagon square root and point deserialization.
The technique was hinted at in this comment: #354 (comment)
This is the first part of a larger refactoring to make the square root via discrete log constant-time (#358) and introduce a sage script for constant generation (#359)
Note: as this is only tested in verkle trees test, and those are not in nimble yet (pending #330), the local test must be:
nim c -r --outdir:build tests/t_ethereum_verkle_primitives.nim
Tests for SerDe and Banderwagon operations are added in constantine.nimble, which was added along with the PR #278. Only IPA tests are not yet added in the nimble mentioned here #330
This builds on top of #354 and #356 to bring a further 20% perf improvement to Bandersnatch/Banderwagon square root and point deserialization.
The technique was hinted at in this comment: https://github.com/mratsim/constantine/pull/354#discussion_r1485112409
This is the first part of a larger refactoring to make the square root via discrete log constant-time (#358) and introduce a sage script for constant generation (#359)
Note: as this is only tested in verkle trees test, and those are not in nimble yet (pending #330), the local test must be: