This repository has been archived by the owner. It is now read-only.

Optimized the bn_inverse method.

The new method needs about 30 % less time for prime256k1 and is about
twice as fast for other moduli.  The base algorithm is the same.
The code is also a bit smaller and doesn't need the 8 kb precomputed
table.

Important changes:
1. even/odd distinction so that we need to test only one of the numbers
   for being even.  This also leads to less duplicated code.
2. Allow for shifting by 32 bits at a time in the even test.
3. Pack u,s and v,r into the same array, which saves a bit of stack memory.
4. Don't divide by two after subtraction; this simplifies code.
5. Abort as soon as u,v are equal, instead of subtracting them.
6. Use s instead of r after the loop; no negation needed.
7. New code that divides by 2^k fast without any precomputed values.
jhoenicke committed Mar 12, 2015
1 parent e37ba82 commit 7d4cf5cedd6a70a387cde86d87120ba0a44fc3b2
Showing with 230 additions and 515 deletions.
  1. +230 −245 bignum.c
  2. +0 −5 options.h
  3. +0 −261 secp256k1.c
  4. +0 −4 secp256k1.h
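The commit message above describes a binary extended-Euclid inverse with seven tweaks. The following is an added example, not the commit's bignum.c code and not the project's API: it applies the same ideas to a single 64-bit limb so the invariants are easy to check by hand. Assumptions: an odd modulus p with 1 < p < 2^63 (so that s - r + p and the halving result both fit in 64 bits), the GCC/Clang unsigned __int128 type and __builtin_ctzll, and my own names (inv_mod_2_64, div_pow2_mod, bn_inverse_example, check_all). The division by 2^k mod p derives p^-1 mod 2^64 by Newton iteration instead of a table; whether that is how the commit does its "fast division by 2^k" is not visible from this page.

```c
#include <stdint.h>
#include <stdio.h>

typedef unsigned __int128 u128;   /* 128-bit intermediate, GCC/Clang extension (assumption) */

/* p^-1 mod 2^64 for odd p by Newton iteration on wrapping uint64_t arithmetic.
 * x = p is correct to 3 bits (p*p == 1 mod 8 for odd p); each step doubles
 * the number of correct low bits: 3 -> 6 -> 12 -> 24 -> 48 -> 96 >= 64. */
static uint64_t inv_mod_2_64(uint64_t p)
{
    uint64_t x = p;
    for (int i = 0; i < 5; i++)
        x *= 2 - p * x;
    return x;
}

/* s * 2^-k mod p for 1 <= k <= 63, p odd, s < p, with no lookup table:
 * pick m = -s * p^-1 mod 2^k so that s + m*p is divisible by 2^k, then the
 * right shift is exact.  The result is < 1.5 p, so one conditional subtract
 * brings it below p (needs p < 2^63 to stay inside 64 bits). */
static uint64_t div_pow2_mod(uint64_t s, unsigned k, uint64_t p, uint64_t pinv)
{
    uint64_t mask = (((uint64_t)1) << k) - 1;
    uint64_t m = ((0 - s) * pinv) & mask;
    u128 t = (u128)m * p + s;
    uint64_t res = (uint64_t)(t >> k);
    if (res >= p) res -= p;
    return res;
}

/* x^-1 mod p for odd p, 1 < p < 2^63.  Returns 0 when no inverse exists.
 * Invariant: s*x == u and r*x == v (mod p), and v is always odd, so only
 * u ever needs a parity test.  (u,s) and (v,r) live in shared arrays and
 * are "swapped" by swapping the indices a and b. */
uint64_t bn_inverse_example(uint64_t x, uint64_t p)
{
    if ((p & 1) == 0 || p < 3 || p >= ((uint64_t)1 << 63)) return 0;  /* outside this example's domain */
    x %= p;
    if (x == 0) return 0;
    uint64_t pinv = inv_mod_2_64(p);
    uint64_t uv[2] = { x, p };   /* uv[a] = u, uv[b] = v */
    uint64_t sr[2] = { 1, 0 };   /* sr[a] = s, sr[b] = r */
    int a = 0, b = 1;
    for (;;) {
        /* strip every factor of two from u in one go (u is never 0 here) */
        unsigned k = (unsigned)__builtin_ctzll(uv[a]);
        if (k) {
            uv[a] >>= k;
            sr[a] = div_pow2_mod(sr[a], k, p, pinv);
        }
        if (uv[a] == uv[b]) break;                       /* stop instead of subtracting to 0 */
        if (uv[a] < uv[b]) { int t = a; a = b; b = t; }  /* keep u > v; v stays odd */
        uv[a] -= uv[b];                                  /* odd - odd is even: halved next round */
        sr[a] = sr[a] >= sr[b] ? sr[a] - sr[b] : sr[a] - sr[b] + p;
    }
    /* u == v == gcd(x, p); s*x == u, so s is the inverse with no final negation */
    return uv[a] == 1 ? sr[a] : 0;
}

/* (x * y) mod p with a 128-bit product; used to verify results. */
uint64_t mulmod(uint64_t x, uint64_t y, uint64_t p)
{
    return (uint64_t)(((u128)x * y) % p);
}

/* Exhaustive check for a small prime p: every nonzero x must invert.  Returns 1 on success. */
int check_all(uint64_t p)
{
    for (uint64_t x = 1; x < p; x++)
        if (mulmod(x, bn_inverse_example(x, p), p) != 1)
            return 0;
    return 1;
}

int main(void)
{
    uint64_t p = 2305843009213693951ULL;   /* 2^61 - 1, a Mersenne prime */
    uint64_t x = 123456789ULL;
    uint64_t inv = bn_inverse_example(x, p);
    printf("inv = %llu, x*inv mod p = %llu\n",
           (unsigned long long)inv, (unsigned long long)mulmod(x, inv, p));
    printf("all of F_101 invert: %d\n", check_all(101));
    return 0;
}
```

The point of the v-is-odd invariant is visible in the loop: after a subtraction the difference is always even and always sits in u, so the next iteration's parity test on u alone is enough, and the halving is deferred to the top of the loop rather than duplicated after the subtraction. Multi-limb code would replace the single __builtin_ctzll with a per-limb scan, shifting whole 32-bit limbs where possible.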

0 comments on commit 7d4cf5c
