square / jna-gmp

A Java JNA wrapper around the GNU Multiple Precision Arithmetic Library.
Apache License 2.0

modPow: support negative base and exponent #27

Closed dragonsinth closed 7 years ago

dragonsinth commented 7 years ago

@thhofer please take a look at this version

thhofer commented 7 years ago

Looks good! Definitely an improvement on my suggestion.

The only issue I might have with it: some operations in the secure version now depend on the sign of the exponent. Thus, timing attacks might reveal the sign of the exponent, which might or might not be an issue depending on context, but that's precisely what we'd like to avoid in the secure version, right?

dragonsinth commented 7 years ago

I don't think it should be a big problem, the cost of the modPow should dwarf everything else in any cases where it could matter. @JakeWharton any thoughts?

JakeWharton commented 7 years ago

I don't know enough to have an opinion. I can try to find someone that would if it's needed.
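The timing concern raised in this thread, shown as an added sketch; this is not the PR's code or jna-gmp's API. It uses `java.math.BigInteger` (which is not constant time) as a stand-in. The class and method names are hypothetical, and the inputs are constructed.

```java
import java.math.BigInteger;

// Added sketch, not jna-gmp code. BigInteger is not constant time;
// it only stands in for the sequence of calls being compared.
public final class SignedModPowSketch {

    // Sign-dependent form: the modular inverse runs only when exp < 0.
    static BigInteger branching(BigInteger base, BigInteger exp, BigInteger mod) {
        BigInteger b = base.mod(mod);            // negative base mapped into [0, mod)
        if (exp.signum() < 0) {
            b = b.modInverse(mod);               // extra, measurable work on this path only
            exp = exp.negate();
        }
        return b.modPow(exp, mod);
    }

    // Same heavy operations for either sign: one inverse, one modPow.
    // Assumption: gcd(base, mod) == 1 for every call, otherwise modInverse throws.
    static BigInteger uniform(BigInteger base, BigInteger exp, BigInteger mod) {
        BigInteger b = base.mod(mod);
        BigInteger inv = b.modInverse(mod);      // computed even when it is not needed
        BigInteger operand = exp.signum() < 0 ? inv : b;  // cheap select, still sign-dependent
        return operand.modPow(exp.abs(), mod);
    }

    public static void main(String[] args) {
        // Constructed inputs: Mersenne prime modulus 2^127 - 1 and a negative base.
        BigInteger mod = BigInteger.ONE.shiftLeft(127).subtract(BigInteger.ONE);
        BigInteger base = BigInteger.valueOf(-5);
        for (long e : new long[] {65537L, -65537L}) {
            BigInteger exp = BigInteger.valueOf(e);
            BigInteger expected = base.modPow(exp, mod);  // BigInteger permits negative exponents
            BigInteger r1 = branching(base, exp, mod);
            BigInteger r2 = uniform(base, exp, mod);
            if (!r1.equals(expected) || !r2.equals(expected)) {
                throw new AssertionError("mismatch for exponent " + e);
            }
            System.out.println("exp=" + e + " -> " + r1.toString(16));
        }
    }
}
```

The `uniform` variant removes only the large sign-dependent step (the inverse); the final select and `abs()` still depend on the sign, and it rejects non-invertible bases that the branching form would accept for positive exponents.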