RFR: 8294731: Improve multiplicative inverse for secp256r1 implementation
Xue-Lei Andrew Fan
xuelei at openjdk.org
Tue Oct 4 21:08:18 UTC 2022
Hi,
May I have this patch reviewed?
This is one of a few steps to improve the EC performance. The multiplicative inverse implementation could be improved for better performance.
For secp256r1 prime p, the current multiplicative inverse impl needs 256 square and 128 multiplication. With the patch, the operation needs 256 square and 37 multiplication.
For secp256r1 order n, the current multiplicative inverse impl needs 256 square and 169 multiplication. With the patch, the operation needs 256 square and 107 multiplication.
Here are the benchmark numbers before the patch is applied:
Benchmark        (messageLength)   Mode  Cnt     Score     Error  Units
Signatures.sign               64  thrpt   15  1412.644 ±   5.529  ops/s
Signatures.sign              512  thrpt   15  1407.711 ±  14.118  ops/s
Signatures.sign             2048  thrpt   15  1415.674 ±   6.965  ops/s
Signatures.sign            16384  thrpt   15  1395.582 ±  12.689  ops/s
And the following are the benchmark numbers after the patch is applied:
Benchmark        (messageLength)   Mode  Cnt     Score     Error  Units
Signatures.sign               64  thrpt   15  1458.862 ±   4.615  ops/s
Signatures.sign              512  thrpt   15  1450.755 ±  12.954  ops/s
Signatures.sign             2048  thrpt   15  1460.395 ±   4.371  ops/s
Signatures.sign            16384  thrpt   15  1436.843 ±   4.420  ops/s
It looks like the performance improvement is not significant enough for now. But it may be 2+ times more in numbers when the scalar multiplication implementation is improved in a follow-up enhancement in another pull request.
Thanks,
Xuelei
-------------
Commit messages:
- replace tab with whitespaces
- add field order impl
- 8294731: Improve multiplicative inverse for EC implementation
Changes: https://git.openjdk.org/jdk/pull/10544/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=10544&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8294731
Stats: 207 lines in 2 files changed: 205 ins; 0 del; 2 mod
Patch: https://git.openjdk.org/jdk/pull/10544.diff
Fetch: git fetch https://git.openjdk.org/jdk pull/10544/head:pull/10544
PR: https://git.openjdk.org/jdk/pull/10544
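
An added example, not code from the patch or the JDK: assuming the inverse is computed as a^(p-2) mod p, a bit-by-bit square-and-multiply reproduces the 256 squarings and 128 multiplications quoted above for the secp256r1 prime, and a fixed addition chain lowers the multiplication count. The chain shown is one possible chain, not the one in the pull request; the names Counter, inverse_binary, inverse_chain and compare are hypothetical.

```python
P = 2**256 - 2**224 + 2**192 + 2**96 - 1  # secp256r1 field prime

class Counter:
    """Modular arithmetic that counts squarings and multiplications."""
    def __init__(self, mod):
        self.mod, self.sq, self.mul = mod, 0, 0
    def square(self, x, times=1):
        for _ in range(times):
            x = x * x % self.mod
            self.sq += 1
        return x
    def multiply(self, x, y):
        self.mul += 1
        return x * y % self.mod

def inverse_binary(a, f):
    """Left-to-right square-and-multiply over all 256 bits of p-2."""
    e, r = f.mod - 2, 1
    for i in reversed(range(256)):
        r = f.square(r)
        if (e >> i) & 1:  # branches on the public exponent only, never on a
            r = f.multiply(r, a)
    return r

def inverse_chain(a, f):
    """Fixed addition chain for p-2; xK denotes a^(2^K - 1)."""
    x2 = f.multiply(f.square(a), a)
    x4 = f.multiply(f.square(x2, 2), x2)
    x8 = f.multiply(f.square(x4, 4), x4)
    x16 = f.multiply(f.square(x8, 8), x8)
    x24 = f.multiply(f.square(x16, 8), x8)
    x28 = f.multiply(f.square(x24, 4), x4)
    x30 = f.multiply(f.square(x28, 2), x2)
    x32 = f.multiply(f.square(x30, 2), x2)
    t = f.multiply(f.square(x32, 32), a)   # ffffffff 00000001
    t = f.multiply(f.square(t, 128), x32)  # 96 zero bits, then ffffffff
    t = f.multiply(f.square(t, 32), x32)   # ffffffff
    t = f.multiply(f.square(t, 30), x30)   # leading 30 one-bits of fffffffd
    return f.multiply(f.square(t, 2), a)   # trailing bits 01

def compare(a):
    """Return (result, (squares, mults)) for both methods on the same input."""
    b, c = Counter(P), Counter(P)
    return (inverse_binary(a, b), (b.sq, b.mul)), (inverse_chain(a, c), (c.sq, c.mul))

if __name__ == "__main__":
    sample = 0x1234567890ABCDEF  # constructed sample field element
    print(compare(sample))
```

Both functions execute the same operation sequence for every input because the exponent p-2 is public; an input of 0 yields 0, so a caller still has to reject a non-invertible element.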