compare: 1a332f6fa0
  • 2 commits
  • 3 files changed
  • 0 commit comments
  • 1 contributor
Showing with 78 additions and 15 deletions.
  1. +6 −3 include/bn.h
  2. +50 −3 src/zm2.cpp
  3. +22 −9 test/bn.cpp
9 include/bn.h
@@ -679,8 +679,11 @@ struct Fp6T : public mie::local::addsubmul<Fp6T<T>,
/*
Algorithm 11 in App.B of Aranha et al. ePrint 2010/526
+ NOTE:
+ The original version uses precomputed and stored value of -P[1].
+ But, we do not use that, this algorithm always calculates it.
+
input P[0..2], R[0..2]
- @note assume P[2] = -P[1]
R <- [2]R,
(l00, 0, l02, 0, l11, 0) = f_{R,R}(P),
l = (a,b,c) = (l00, l11, l02)
@@ -757,7 +760,8 @@ struct Fp6T : public mie::local::addsubmul<Fp6T<T>,
Fp2::mul_Fp_0(l.c_, l.c_, P[0]);
// # 17
- Fp2::mul_Fp_0(l.b_, t3, P[2]); /* RRR P[2] = -P[1]; */
+ Fp2::mul_Fp_0(l.b_, t3, P[1]);
+ Fp2::neg(l.b_, l.b_);
}
/*
Algorithm 12 in App.B of Aranha et al. ePrint 2010/526
@@ -2300,7 +2304,6 @@ void opt_atePairing(Fp12T<Fp6T<Fp2T<Fp> > > &f, const Fp2T<Fp> *Q, const Fp *_P)
Fp P[3];
P[0] = _P[0];
P[1] = _P[1];
- Fp::neg(P[2], _P[1]);
Fp2 T[3];
T[0] = Q[0];
T[1] = Q[1];
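Review bot: `Fp P[3];` in opt_atePairing keeps its third slot although the only write to it, `Fp::neg(P[2], _P[1]);`, is removed in this hunk, so P[2] is now indeterminate storage that a stale reader would pick up silently; shrink it to `Fp P[2];` so any leftover use of P[2] becomes an out-of-bounds access that sanitizers flag. The header comment in the first hunk still says `input P[0..2]` while the algorithm now consumes only P[0] and P[1] (the new `Fp2::mul_Fp_0(l.b_, t3, P[1]); Fp2::neg(l.b_, l.b_);` replaces the P[2] read); update it to `input P[0..1]`. Both functions continue outside the hunks, so I could not confirm that no other line in them reads P[2].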
53 src/zm2.cpp
@@ -855,6 +855,46 @@ struct PairingCode : Xbyak::CodeGenerator {
in_Fp_add(mz + 32 * i, mx + 32 * i, my + 32 * i);
}
}
+
+ void in_Fp_neg(const Reg32e& mz, const Reg32e& mx)
+ {
+ load_rm(gt4, gt3, gt2, gt1, mx);
+ mov(rdx, gt1);
+ or(rdx, gt2);
+ or(rdx, gt3);
+ or(rdx, gt4);
+ jz("@f");
+ load_sub_rm(gt4, gt3, gt2, gt1, rax, mx, false);
+L("@@");
+ store_mr(mz, gt4, gt3, gt2, gt1);
+ }
+ void in_Fp_neg(int n, const Reg32e& mz, const Reg32e& mx)
+ {
+ mov32c(rax, (uint64_t)&s_pTbl[1]);
+ for (int i = 0; i < n; i++) {
+ in_Fp_neg(mz + 32 * i, mx + 32 * i);
+ }
+ }
+ void in_Fp2_neg(const Reg32e& mz, const Reg32e& mx)
+ {
+ // smart_set_gp for only two arguments.
+ lea(gp1, ptr [mz]);
+ if (mx == mz) {
+ mov(gp2, gp1);
+ } else {
+ lea(gp2, ptr [mx]);
+ }
+
+ call(p_Fp2_neg);
+ }
+ void set_p_Fp2_neg()
+ {
+ align(16);
+ p_Fp2_neg = (void*)const_cast<uint8_t*>(getCurr());
+ in_Fp_neg(2, gp1, gp2);
+ ret();
+ }
+
void in_Fp2_add(const Reg32e& mz, const Reg32e& mx, const Reg32e& my)
{
smart_set_gp(mz, mx, my);
@@ -2964,19 +3004,24 @@ struct PairingCode : Xbyak::CodeGenerator {
movq(gp3, Psave);
call(p_Fp_mul);
- // Fp2::mul_Fp_0(l.b_, t3, P[2]);
+ // # 17
+ // Fp2::mul_Fp_0(l.b_, t3, P[1]);
movq(l.r_, lsave);
movq(P, Psave);
lea(gp1, ptr [l.b_]);
lea(gp2, ptr [t3]);
- lea(gp3, ptr [P + sizeof(Fp) * 2]);
+ lea(gp3, ptr [P + sizeof(Fp) * 1]);
call(p_Fp_mul);
movq(l.r_, lsave);
movq(P, Psave);
lea(gp1, ptr [l.b_.b_]);
lea(gp2, ptr [t3.b_]);
- lea(gp3, ptr [P + sizeof(Fp) * 2]);
+ lea(gp3, ptr [P + sizeof(Fp) * 1]);
call(p_Fp_mul);
+
+ // Fp2::neg(t3, t3);
+ movq(l.r_, lsave);
+ in_Fp2_neg(l.b_, l.b_);
}
PairingCode(size_t size, void *userPtr)
@@ -3084,6 +3129,7 @@ struct PairingCode : Xbyak::CodeGenerator {
// generate code
set_p_Fp_mul();
+ set_p_Fp2_neg();
set_p_Fp2_add();
set_p_Fp2_sub();
set_p_Fp2_addNC();
@@ -3377,6 +3423,7 @@ struct PairingCode : Xbyak::CodeGenerator {
bool isRaxP_; // true if rax is set to a pointer to p
uint64_t pp_; // for Fp_mul
void *p_Fp_mul;
+ void *p_Fp2_neg;
void *p_Fp2_add;
void *p_Fp2_sub;
void *p_Fp2_square;
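Review bot: The comment above the new negation in the second hunk, `// Fp2::neg(t3, t3);`, does not describe the emitted code: `in_Fp2_neg(l.b_, l.b_)` negates l.b_ in place, mirroring the `Fp2::neg(l.b_, l.b_)` the C++ path in include/bn.h performs after the two mul_Fp_0 calls, so it should read `// Fp2::neg(l.b_, l.b_);`. The single-operand `in_Fp_neg` in the first hunk appears to depend on rax having been loaded by the `int n` overload (`mov32c(rax, (uint64_t)&s_pTbl[1])`) before `load_sub_rm(..., rax, mx, false)`, and it clobbers rdx for the zero test; a header comment such as `// NOTE: expects rax as set by in_Fp_neg(int, ...) (mov32c(rax, &s_pTbl[1])); clobbers rdx, gt1..gt4` would make that contract visible to the next caller. The struct also tracks `isRaxP_` ("true if rax is set to a pointer to p"), and neither new overload consults or updates it — worth confirming that is intentional. All hunks sit inside `struct PairingCode`, whose definition starts and ends outside this section.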
31 test/bn.cpp
@@ -465,6 +465,17 @@ void testFp2()
printf("Fp2::mul_Fp_0\t%6.2fclk\n", clk.getClock() / double(N));
}
+ {
+ Xbyak::util::Clock clk;
+ clk.begin();
+ const size_t N = 10000;
+ for (size_t i = 0; i < N; i++) {
+ Fp2::mul_Fp_1(x, Param::half);
+ }
+ clk.end();
+ printf("Fp2::mul_Fp_1\t%6.2fclk\n", clk.getClock() / double(N));
+ }
+
Fp2 r2(Fp(2), Fp(0));
r2.inverse();
{
@@ -504,6 +515,17 @@ void testFp2()
clk.begin();
const size_t N = 10000;
for (size_t i = 0; i < N; i++) {
+ Fp2::divBy4(x, x);
+ }
+ clk.end();
+ printf("Fp2::dibBy4\t%6.2fclk\n", clk.getClock() / double(N));
+ }
+
+ {
+ Xbyak::util::Clock clk;
+ clk.begin();
+ const size_t N = 10000;
+ for (size_t i = 0; i < N; i++) {
Fp2::mul(x, x, x);
}
clk.end();
@@ -805,13 +827,6 @@ void testFp6()
x *= y;
TEST_EQUAL(x, Fp6(1));
- const Fp6 a(Fp2(Fp("12962627302162075398060982177087436574303347298537835668202414221253817262982"), Fp("138260844306952217670025767932179019912073169546101859135312230638880521223")),
- Fp2(Fp("15137160497776903814679214726809029070339754602997091488396727793679994724725"), Fp("14585393257630973637130780517598702183004769121002667593088137712456098389147")),
- Fp2(Fp("11656022636984400462137420855351583248422833051633377387451406154513829093114"), Fp("14215712895255419029580702653008196543286207503420913686381671784091829605544")));
- const Fp6 b(Fp2(Fp("13266032064412835795130953448702250621050762510696965292045893361178860841079"), Fp("2457069570102593370680131966272186058752442119075136300728910430721054975883")),
- Fp2(Fp("2761323283613335519656714595170176518640718973086035562998271277678441691369"), Fp("9282239544249417776161170354699989681427448957391036300962080470210029743316")),
- Fp2(Fp("4725335130491002940371667092034595414883167034697622603206446595963780685950"), Fp("2979604114551910299899042707207603351108418195709860388438523763202896562826")));
-
{
Xbyak::util::Clock clk;
clk.begin();
@@ -2103,8 +2118,6 @@ void testFp2Dbl_mul_mod()
{
puts(__FUNCTION__);
- const Fp2 one(Fp("1"), Fp("0"));
-
const Fp2 a(Fp("0x19cd6cf2a9dc668d011b54f13a92591457dcdd5b946cf92af95ca820077972b6"),
Fp("0x24f737c85b07fa5103d2dfa5a44d0a9c2ee6138de25c709cdd2f526dab19eae0"));
const Fp2Dbl ad("0xd3f77def5c0d18d7f1449afb9c117dfeb51c1fe1208d056ad21c679c5ec71c4642b58a8c4f44ce7ed74f49cf92ae8428d5741cc65ee00bf090ec506c952af6",
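Review bot: The new benchmark label in the second hunk is misspelled: `printf("Fp2::dibBy4\t%6.2fclk\n", clk.getClock() / double(N));` should be `printf("Fp2::divBy4\t%6.2fclk\n", clk.getClock() / double(N));` so the output names the function actually timed (`Fp2::divBy4(x, x)`) and lines up with the other `Fp2::` labels in testFp2. The divBy4 timing reuses the `Xbyak::util::Clock clk;`/`clk.begin()` of the pre-existing block while a fresh block is opened for `Fp2::mul`, which is correct but easy to misread; the rest of testFp2 is outside the hunk.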
