RFR: 8294731: Improve multiplicative inverse for secp256r1 implementation [v2]
Xue-Lei Andrew Fan
xuelei at openjdk.org
Sat Oct 8 15:34:57 UTC 2022
On Thu, 6 Oct 2022 19:35:09 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:
> could you also try using precomputed powers of t between 0-15? similar to what we do in [ECOperations.multiply](https://github.com/openjdk/jdk/blob/2ae8e3118385bdf93c50bca550334734b69bc2b6/src/jdk.crypto.ec/share/classes/sun/security/ec/ECOperations.java#L231) (see `pointMultiples`). This will also improve the number of multiplications.
0-15 may be too much for the P256 order field because of the bit sets in it. I tried 0-8 and 0-4. 0-4 has a little bit better benchmark numbers. The two is about the same for multiplication numbers, but 0-8 uses more memory. In the last commit, 0-4 is used for caching as it is more memory friendly.
-------------
PR: https://git.openjdk.org/jdk/pull/10544
More information about the security-dev
mailing list