crypto/internal/bigmod: switch to saturated limbs #59463
Assignees
Labels
NeedsFix
The path to resolution is known, but the work has not been done.
Performance
release-blocker
Milestone
Comments
FiloSottile
added
Performance
NeedsFix
This was referenced Apr 6, 2023
|
Change https://go.dev/cl/471259 mentions this issue: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Package bigmod uses unsaturated 63-bit limbs because the tradition suggests that's faster, but that might be only true when targeting portable C. With access to add-with-carry instructions, Montgomery multiplication can be much faster with sautrated limbs, and we already have optimized assembly for that in math/big.
Switching bigmod to saturated limbs should allow us to reuse the math/big assembly cores, getting RSA performance back to Go 1.19 levels.
https://go.dev/cl/471259
The text was updated successfully, but these errors were encountered: