RFR: 8295010: Reduce if required in EC limbs operations [v4]
Xue-Lei Andrew Fan
xuelei at openjdk.org
Mon Nov 21 07:17:07 UTC 2022
On Wed, 9 Nov 2022 14:27:26 GMT, Ferenc Rakoczi <duke at openjdk.org> wrote:
>> Xue-Lei Andrew Fan has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains six commits:
>>
>> - Merge master
>> - missed reduce
>> - reduce if needed
>> - add the key pair generation bench code
>> - remove tabs
>> - 8295010: EC limbs addition and subtraction limit
>
> The way I see it is this: as limbs are 64-bit wide, the only place where they can possibly overflow (during the computations they are used for) is the multiplication (including multiply by int and squaring). So I would first try to change the mult() and square() methods only in IntegerPolynomialP256.java (well, in the generator that creates it).
> (It would also be nice to add comments to the various carry/reduce methods that explain what exactly they want to achieve -- although this is definitely something that doesn't have to be in this change set.)
> I also think (agree with you) that the setReduced() method can be eliminated if you reduce the multiplicands conditionally (if numAdds > maxAdds) before the multiplication/squaring and unconditionally after it (this part is done in the generated functions already). But that assumes you change all subclasses of IntegerPolynomial that way (most conveniently in the set[Product,Square]() methods).
@ferakocz Did you have further comments or concerns? Please let me know if I'm in the right direction for the performance improvement. Thanks!
-------------
PR: https://git.openjdk.org/jdk/pull/10624
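The "reduce only if required" scheme discussed above, as an added illustration (this is not JDK code and not from the PR): a toy limb representation with a deferred-add counter, where additions stay limb-wise and cheap, and the counter decides whether an operand must be reduced before a multiplication so that no 64-bit accumulator overflows; the product itself is always reduced afterwards. Everything about the parameters is an assumption chosen for the toy: the Mersenne prime p = 2^127 - 1 instead of the P-256 prime, 5 non-negative 26-bit limbs (the JDK's IntegerPolynomial uses signed limbs, so subtraction is left out here), the rule num_adds = max(num_adds) + 1 for a sum, and the names Elem, MAX_ADDS, worst_case_product_bits and unchecked_product_overflows. A Java long is emulated by raising OverflowError whenever an accumulator exceeds 2^63 - 1, which is the only way to make the overflow visible in Python.

```python
"""Lazy reduction with a deferred-add counter: a toy modelled loosely on the
JDK's IntegerPolynomial (hypothetical example, not JDK code).  Field: the
Mersenne prime p = 2^127 - 1 in 5 non-negative limbs of 26 bits; a signed
64-bit accumulator is emulated by raising OverflowError."""

BITS = 26
NUM_LIMBS = 5
MASK = (1 << BITS) - 1
P = (1 << 127) - 1
FOLD = 1 << (BITS * NUM_LIMBS - 127)   # 2^130 = 8 * 2^127 == 8 (mod p)
INT64_MAX = (1 << 63) - 1


def _check64(v):
    """Emulate a Java long: the real code has no bigints to fall back on."""
    if v > INT64_MAX:
        raise OverflowError("64-bit limb accumulator overflowed")


def worst_case_product_bits(na, nb):
    """Bound (in bits) on the largest accumulator in _mul_limbs when the
    operands carry na and nb deferred additions.  A limb with n deferred
    adds is < 2^(BITS+n), so each limb product is < 2^(2*BITS+na+nb);
    count how many products land in each coefficient after the fold."""
    terms = [0] * (2 * NUM_LIMBS - 1)
    for i in range(NUM_LIMBS):
        for j in range(NUM_LIMBS):
            terms[i + j] += 1
    for j in range(NUM_LIMBS, 2 * NUM_LIMBS - 1):
        terms[j - NUM_LIMBS] += FOLD * terms[j]
    return 2 * BITS + na + nb + (max(terms) - 1).bit_length()


def _derive_max_adds():
    """Largest symmetric per-operand budget whose worst case still fits
    below 2^63 (a bound of at most 63 bits)."""
    n = 0
    while worst_case_product_bits(n + 1, n + 1) <= 63:
        n += 1
    return n


MAX_ADDS = _derive_max_adds()   # 2 for these parameters


class Elem:
    """Field element with possibly unnormalised limbs; num_adds counts the
    additions deferred since the last reduce (fresh or reduced: 0)."""

    def __init__(self, limbs, num_adds=0):
        self.limbs = list(limbs)
        self.num_adds = num_adds

    @classmethod
    def from_int(cls, v):
        v %= P
        return cls([(v >> (BITS * i)) & MASK for i in range(NUM_LIMBS)])

    def to_int(self):
        return sum(l << (BITS * i) for i, l in enumerate(self.limbs)) % P

    def add(self, other):
        """Limb-wise add, no carry: result limbs are < 2^(BITS+n) with
        n = max(num_adds) + 1 (induction on n)."""
        limbs = [a + b for a, b in zip(self.limbs, other.limbs)]
        for v in limbs:
            _check64(v)
        return Elem(limbs, max(self.num_adds, other.num_adds) + 1)

    def reduce(self):
        """Carry-propagate until every limb is below 2^BITS; the carry out of
        the top limb has weight 2^130 == 8 and is folded into limb 0.  The
        value is not made canonical (it may still be >= p); to_int() is."""
        limbs = list(self.limbs)
        while True:
            carry = 0
            for i in range(NUM_LIMBS):
                v = limbs[i] + carry
                limbs[i] = v & MASK
                carry = v >> BITS
            if carry == 0:
                return Elem(limbs, 0)
            limbs[0] += carry * FOLD

    def _mul_limbs(self, other):
        """Schoolbook product, then the Mersenne fold, on 64-bit accumulators:
        the only step where deferred additions can blow up a limb."""
        c = [0] * (2 * NUM_LIMBS - 1)
        for i, a in enumerate(self.limbs):
            for j, b in enumerate(other.limbs):
                c[i + j] += a * b
                _check64(c[i + j])
        for j in range(NUM_LIMBS, 2 * NUM_LIMBS - 1):
            c[j - NUM_LIMBS] += FOLD * c[j]
            _check64(c[j - NUM_LIMBS])
        return Elem(c[:NUM_LIMBS]).reduce()     # always reduce the product

    def mul(self, other):
        """Reduce-if-required: reduce an operand only when its counter says
        the product could overflow; the result is reduced unconditionally."""
        a = self.reduce() if self.num_adds > MAX_ADDS else self
        b = other.reduce() if other.num_adds > MAX_ADDS else other
        return a._mul_limbs(b)


def unchecked_product_overflows(a, b):
    """True if multiplying without the conditional pre-reduce overflows."""
    try:
        a._mul_limbs(b)
        return False
    except OverflowError:
        return True


if __name__ == "__main__":
    # Constructed worst case: every limb at its maximum, doubled three times.
    x = Elem([MASK] * NUM_LIMBS)          # 2^130 - 1 == 7 (mod p)
    w = x.add(x)
    w = w.add(w)
    w = w.add(w)                          # num_adds == 3 > MAX_ADDS
    print("MAX_ADDS =", MAX_ADDS)
    print("unchecked w*w overflows:", unchecked_product_overflows(w, w))
    print("w*w mod p =", w.mul(w).to_int(), "expected", (8 * 7) ** 2 % P)
```

The budget falls out of the parameters rather than being hard-coded: with 5 limbs the worst coefficient after folding is c[0] + 8*c[5], 33 limb products, so two operands with na and nb deferred adds need 58 + na + nb <= 63 bits, giving a symmetric limit of 2 adds per operand. The worst-case operand above (num_adds 3) really does overflow a long if multiplied as is, and goes through correctly once the counter triggers the pre-reduce, which is the behaviour the discussion above wants from the set[Product,Square]() path without a separate setReduced() call.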