Patrick Longa 2022-03-18 18:16:08 -07:00
Родитель effa607f24
Коммит 1dc2413b2d
86 изменённых файлов: 4216 добавлений и 4365 удалений


@ -77,7 +77,7 @@ else
CFLAGS= $(EXTRA_CFLAGS)
endif
CFLAGS+= $(VALGRIND_CFLAGS)
CFLAGS+= -std=gnu11 -Wall $(ADDITIONAL_SETTINGS) -D $(ARCHITECTURE) -D __NIX__ -D $(USE_OPT_LEVEL) $(MULX) $(ADX)
CFLAGS+= -std=gnu11 -Wall $(ADDITIONAL_SETTINGS) -D $(ARCHITECTURE) -D __NIX__ -D $(USE_OPT_LEVEL) $(MULX) $(ADX) -Wno-missing-braces
LDFLAGS=-lm
ifeq "$(USE_OPT_LEVEL)" "_GENERIC_"
EXTRA_OBJECTS_434=objs434/fp_generic.o
@ -106,7 +106,7 @@ OBJECTS_503_COMP=objs503comp/P503_compressed.o $(EXTRA_OBJECTS_503) objs/random.
OBJECTS_610_COMP=objs610comp/P610_compressed.o $(EXTRA_OBJECTS_610) objs/random.o objs/fips202.o
OBJECTS_751_COMP=objs751comp/P751_compressed.o $(EXTRA_OBJECTS_751) objs/random.o objs/fips202.o
all: lib434 lib503 lib610 lib751 lib434comp lib503comp lib610comp lib751comp tests KATS
all: lib434 lib503 lib610 lib751 lib434comp lib503comp lib610comp lib751comp tests_p434 tests_p503 tests_p610 tests_p751
objs434/%.o: src/P434/%.c
@mkdir -p $(@D)
@ -259,28 +259,6 @@ lib751comp: $(OBJECTS_751_COMP)
$(AR) lib751comp/libsidh.a $^
$(RANLIB) lib751comp/libsidh.a
tests: lib434 lib434comp lib503 lib503comp lib610 lib610comp lib751 lib751comp
$(CC) $(CFLAGS) -L./lib434 tests/arith_tests-p434.c tests/test_extras.c -lsidh $(LDFLAGS) -o arith_tests-p434 $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib503 tests/arith_tests-p503.c tests/test_extras.c -lsidh $(LDFLAGS) -o arith_tests-p503 $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib610 tests/arith_tests-p610.c tests/test_extras.c -lsidh $(LDFLAGS) -o arith_tests-p610 $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib751 tests/arith_tests-p751.c tests/test_extras.c -lsidh $(LDFLAGS) -o arith_tests-p751 $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib434 tests/test_SIDHp434.c tests/test_extras.c -lsidh $(LDFLAGS) -o sidh434/test_SIDH $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib503 tests/test_SIDHp503.c tests/test_extras.c -lsidh $(LDFLAGS) -o sidh503/test_SIDH $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib610 tests/test_SIDHp610.c tests/test_extras.c -lsidh $(LDFLAGS) -o sidh610/test_SIDH $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib751 tests/test_SIDHp751.c tests/test_extras.c -lsidh $(LDFLAGS) -o sidh751/test_SIDH $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib434 tests/test_SIKEp434.c tests/test_extras.c -lsidh $(LDFLAGS) -o sike434/test_SIKE $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib503 tests/test_SIKEp503.c tests/test_extras.c -lsidh $(LDFLAGS) -o sike503/test_SIKE $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib610 tests/test_SIKEp610.c tests/test_extras.c -lsidh $(LDFLAGS) -o sike610/test_SIKE $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib751 tests/test_SIKEp751.c tests/test_extras.c -lsidh $(LDFLAGS) -o sike751/test_SIKE $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib434comp tests/test_SIDHp434_compressed.c tests/test_extras.c -lsidh $(LDFLAGS) -o sidh434_compressed/test_SIDH $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib503comp tests/test_SIDHp503_compressed.c tests/test_extras.c -lsidh $(LDFLAGS) -o sidh503_compressed/test_SIDH $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib610comp tests/test_SIDHp610_compressed.c tests/test_extras.c -lsidh $(LDFLAGS) -o sidh610_compressed/test_SIDH $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib751comp tests/test_SIDHp751_compressed.c tests/test_extras.c -lsidh $(LDFLAGS) -o sidh751_compressed/test_SIDH $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib434comp tests/test_SIKEp434_compressed.c tests/test_extras.c -lsidh $(LDFLAGS) -o sike434_compressed/test_SIKE $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib503comp tests/test_SIKEp503_compressed.c tests/test_extras.c -lsidh $(LDFLAGS) -o sike503_compressed/test_SIKE $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib610comp tests/test_SIKEp610_compressed.c tests/test_extras.c -lsidh $(LDFLAGS) -o sike610_compressed/test_SIKE $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib751comp tests/test_SIKEp751_compressed.c tests/test_extras.c -lsidh $(LDFLAGS) -o sike751_compressed/test_SIKE $(ARM_SETTING)
# AES
AES_OBJS=objs/aes.o objs/aes_c.o
@ -320,17 +298,40 @@ lib751comp_for_KATs: $(OBJECTS_751_COMP) $(AES_OBJS)
$(AR) lib751comp/libsidh_for_testing.a $^
$(RANLIB) lib751comp/libsidh_for_testing.a
KATS: lib434_for_KATs lib503_for_KATs lib610_for_KATs lib751_for_KATs lib434comp_for_KATs lib503comp_for_KATs lib610comp_for_KATs lib751comp_for_KATs
tests_p434: lib434 lib434comp lib434_for_KATs lib434comp_for_KATs
$(CC) $(CFLAGS) -L./lib434 tests/arith_tests-p434.c tests/test_extras.c -lsidh $(LDFLAGS) -o arith_tests-p434 $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib434 tests/test_SIDHp434.c tests/test_extras.c -lsidh $(LDFLAGS) -o sidh434/test_SIDH $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib434 tests/test_SIKEp434.c tests/test_extras.c -lsidh $(LDFLAGS) -o sike434/test_SIKE $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib434comp tests/test_SIDHp434_compressed.c tests/test_extras.c -lsidh $(LDFLAGS) -o sidh434_compressed/test_SIDH $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib434comp tests/test_SIKEp434_compressed.c tests/test_extras.c -lsidh $(LDFLAGS) -o sike434_compressed/test_SIKE $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib434 tests/PQCtestKAT_kem434.c tests/rng/rng.c -lsidh_for_testing $(LDFLAGS) -o sike434/PQCtestKAT_kem $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib503 tests/PQCtestKAT_kem503.c tests/rng/rng.c -lsidh_for_testing $(LDFLAGS) -o sike503/PQCtestKAT_kem $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib610 tests/PQCtestKAT_kem610.c tests/rng/rng.c -lsidh_for_testing $(LDFLAGS) -o sike610/PQCtestKAT_kem $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib751 tests/PQCtestKAT_kem751.c tests/rng/rng.c -lsidh_for_testing $(LDFLAGS) -o sike751/PQCtestKAT_kem $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib434comp tests/PQCtestKAT_kem434_compressed.c tests/rng/rng.c -lsidh_for_testing $(LDFLAGS) -o sike434_compressed/PQCtestKAT_kem $(ARM_SETTING)
tests_p503: lib503 lib503comp lib503_for_KATs lib503comp_for_KATs
$(CC) $(CFLAGS) -L./lib503 tests/arith_tests-p503.c tests/test_extras.c -lsidh $(LDFLAGS) -o arith_tests-p503 $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib503 tests/test_SIDHp503.c tests/test_extras.c -lsidh $(LDFLAGS) -o sidh503/test_SIDH $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib503 tests/test_SIKEp503.c tests/test_extras.c -lsidh $(LDFLAGS) -o sike503/test_SIKE $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib503comp tests/test_SIDHp503_compressed.c tests/test_extras.c -lsidh $(LDFLAGS) -o sidh503_compressed/test_SIDH $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib503comp tests/test_SIKEp503_compressed.c tests/test_extras.c -lsidh $(LDFLAGS) -o sike503_compressed/test_SIKE $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib503 tests/PQCtestKAT_kem503.c tests/rng/rng.c -lsidh_for_testing $(LDFLAGS) -o sike503/PQCtestKAT_kem $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib503comp tests/PQCtestKAT_kem503_compressed.c tests/rng/rng.c -lsidh_for_testing $(LDFLAGS) -o sike503_compressed/PQCtestKAT_kem $(ARM_SETTING)
tests_p610: lib610 lib610comp lib610_for_KATs lib610comp_for_KATs
$(CC) $(CFLAGS) -L./lib610 tests/arith_tests-p610.c tests/test_extras.c -lsidh $(LDFLAGS) -o arith_tests-p610 $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib610 tests/test_SIDHp610.c tests/test_extras.c -lsidh $(LDFLAGS) -o sidh610/test_SIDH $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib610 tests/test_SIKEp610.c tests/test_extras.c -lsidh $(LDFLAGS) -o sike610/test_SIKE $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib610comp tests/test_SIDHp610_compressed.c tests/test_extras.c -lsidh $(LDFLAGS) -o sidh610_compressed/test_SIDH $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib610comp tests/test_SIKEp610_compressed.c tests/test_extras.c -lsidh $(LDFLAGS) -o sike610_compressed/test_SIKE $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib610 tests/PQCtestKAT_kem610.c tests/rng/rng.c -lsidh_for_testing $(LDFLAGS) -o sike610/PQCtestKAT_kem $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib610comp tests/PQCtestKAT_kem610_compressed.c tests/rng/rng.c -lsidh_for_testing $(LDFLAGS) -o sike610_compressed/PQCtestKAT_kem $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib751comp tests/PQCtestKAT_kem751_compressed.c tests/rng/rng.c -lsidh_for_testing $(LDFLAGS) -o sike751_compressed/PQCtestKAT_kem $(ARM_SETTING)
tests_p751: lib751 lib751comp lib751_for_KATs lib751comp_for_KATs
$(CC) $(CFLAGS) -L./lib751 tests/arith_tests-p751.c tests/test_extras.c -lsidh $(LDFLAGS) -o arith_tests-p751 $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib751 tests/test_SIDHp751.c tests/test_extras.c -lsidh $(LDFLAGS) -o sidh751/test_SIDH $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib751 tests/test_SIKEp751.c tests/test_extras.c -lsidh $(LDFLAGS) -o sike751/test_SIKE $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib751comp tests/test_SIDHp751_compressed.c tests/test_extras.c -lsidh $(LDFLAGS) -o sidh751_compressed/test_SIDH $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib751comp tests/test_SIKEp751_compressed.c tests/test_extras.c -lsidh $(LDFLAGS) -o sike751_compressed/test_SIKE $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib751 tests/PQCtestKAT_kem751.c tests/rng/rng.c -lsidh_for_testing $(LDFLAGS) -o sike751/PQCtestKAT_kem $(ARM_SETTING)
$(CC) $(CFLAGS) -L./lib751comp tests/PQCtestKAT_kem751_compressed.c tests/rng/rng.c -lsidh_for_testing $(LDFLAGS) -o sike751_compressed/PQCtestKAT_kem $(ARM_SETTING)
check: tests
check: tests_p434 tests_p503 tests_p610 tests_p751
test434:
ifeq "$(DO_VALGRIND_CHECK)" "TRUE"
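Review bot: `-Wno-missing-braces` on the new CFLAGS line is appended unconditionally, for every compiler, architecture and optimisation level, which silences an entire diagnostic class across the field-arithmetic sources instead of fixing whatever initializers trigger it (presumably nested-aggregate `= {0}` initializers that clang reports — confirm). In a library whose correctness depends on every limb being initialized, a blanket suppression lets a genuinely malformed initializer slip through unnoticed, so either brace the offending initializers or scope the flag, e.g. `ifeq "$(CC)" "clang"` / `CFLAGS+= -Wno-missing-braces` / `endif`, with a comment naming the warning it works around. Separately, the new `tests_p434 … tests_p751` targets (and `check`) are command names rather than files; the hunk shows no `.PHONY` declaration for them, so if none exists elsewhere a stray file with one of those names would make the target silently "up to date". The `test434:` rule that begins on the last line of this section continues past it.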


@ -1,7 +1,7 @@
# SIDH v3.4 (C Edition)
# SIDH v3.5 (C Edition)
The **SIDH** library is an efficient supersingular isogeny-based cryptography library written in C language.
**Version v3.4** of the library includes the ephemeral Diffie-Hellman key exchange scheme "SIDH" [1,2], and the CCA-secure
**Version v3.5** of the library includes the ephemeral Diffie-Hellman key exchange scheme "SIDH" [1,2], and the CCA-secure
key encapsulation mechanism "SIKE" [3]. These schemes are conjectured to be secure against quantum computer attacks.
Concretely, the SIDH library includes the following KEM schemes:
@ -91,9 +91,13 @@ The library was developed by [Microsoft Research](http://research.microsoft.com/
- Memory optimizations for compressed SIDH and compressed SIKE.
## New in Version 3.5
- New implementations of the quadratic extension field arithmetic for x64 processors on Linux [13].
## Supported Platforms
**SIDH v3.4** is supported on a wide range of platforms including x64, x86, ARM and s390x processors running Windows,
**SIDH v3.5** is supported on a wide range of platforms including x64, x86, ARM and s390x processors running Windows,
Linux or Mac OS X. We have tested the library with Microsoft Visual Studio 2015, GNU GCC v5.4, and clang v3.8.
See instructions below to choose an implementation option and compile on one of the supported platforms.
@ -121,7 +125,7 @@ optimizations using MULX/ADX.
Other options for x64:
```sh
$ make ARCH=x64 CC=[gcc/clang] OPT_LEVEL=[FAST/GENERIC] USE_MULX=[TRUE/FALSE] USE_ADX=[TRUE/FALSE]
$ make tests_pXXX ARCH=x64 CC=[gcc/clang] OPT_LEVEL=[FAST/GENERIC] USE_MULX=[TRUE/FALSE] USE_ADX=[TRUE/FALSE]
```
When `OPT_LEVEL=FAST` (i.e., assembly use enabled), the user is responsible for setting the flags MULX and ADX
@ -129,17 +133,18 @@ according to the targeted platform (for example, MULX/ADX are not supported on S
is supported on Haswell, and both MULX and ADX are supported on Broadwell, Skylake and Kaby Lake architectures).
Note that USE_ADX can only be set to `TRUE` if `USE_MULX=TRUE`.
The option `USE_MULX=FALSE` with `USE_ADX=FALSE` is only supported on p503 and p751.
The use of `tests_pXXX`, for any value XXX in [434,503,610,751], allows to compile only one parameter set at a time.
Options for x86/ARM/M1/s390x:
```sh
$ make ARCH=[x86/ARM/M1/s390x] CC=[gcc/clang]
$ make tests_pXXX ARCH=[x86/ARM/M1/s390x] CC=[gcc/clang]
```
Options for ARM64 or Apple M1:
```sh
$ make ARCH=[ARM64/M1] CC=[gcc/clang] OPT_LEVEL=[FAST/GENERIC]
$ make tests_pXXX ARCH=[ARM64/M1] CC=[gcc/clang] OPT_LEVEL=[FAST/GENERIC]
```
As in the x64 case, `OPT_LEVEL=FAST` enables the use of assembly optimizations on ARMv8 platforms.
@ -209,7 +214,7 @@ The library includes some third party modules that are licensed differently. In
- `tests/PQCtestKAT_kem<#>.c`: copyrighted by Lawrence E. Bassham
- `src/sha3/fips202.c`: public domain
## Contributors
## Other contributors
- Basil Hess.
- Geovandro Pereira.
@ -223,8 +228,8 @@ The extended version is available [`here`](http://eprint.iacr.org/2016/413).
[2] David Jao and Luca DeFeo, "Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies". PQCrypto 2011, LNCS 7071, pp. 19-34, 2011.
The extended version is available [`here`](https://eprint.iacr.org/2011/506).
[3] Reza Azarderakhsh, Matthew Campagna, Craig Costello, Luca De Feo, Basil Hess, Amir Jalali, David Jao, Brian Koziel, Brian LaMacchia, Patrick Longa, Michael Naehrig, Joost Renes, Vladimir Soukharev, and David Urbanik, "Supersingular Isogeny Key Encapsulation". Submission to the NIST Post-Quantum Standardization project, 2017.
The round 2 submission package is available [`here`](https://csrc.nist.gov/CSRC/media/Projects/Post-Quantum-Cryptography/documents/round-2/submissions/SIKE-Round2.zip).
[3] Reza Azarderakhsh, Matthew Campagna, Craig Costello, Luca De Feo, Basil Hess, Aaron Hutchinson, Amir Jalali, Koray Karabina, David Jao, Brian Koziel, Brian LaMacchia, Patrick Longa, Michael Naehrig, Geovandro Pereira, Joost Renes, Vladimir Soukharev, and David Urbanik, "Supersingular Isogeny Key Encapsulation (SIKE)", 2017.
The specifications document is available [`here`](https://sike.org).
[4] Craig Costello, and Huseyin Hisil, "A simple and compact algorithm for SIDH with arbitrary degree isogenies". Advances in Cryptology - ASIACRYPT 2017, LNCS 10625, pp. 303-329, 2017.
The preprint version is available [`here`](https://eprint.iacr.org/2017/504).
@ -235,10 +240,10 @@ The preprint version is available [`here`](https://eprint.iacr.org/2017/1015).
[6] Gora Adj, Daniel Cervantes-Vázquez, Jesús-Javier Chi-Domínguez, Alfred Menezes and Francisco Rodríguez-Henríquez, "On the cost of computing isogenies between supersingular elliptic curves". SAC 2018, LCNS 11349, pp. 322-343, 2018.
The preprint version is available [`here`](https://eprint.iacr.org/2018/313).
[7] Samuel Jaques and John M. Schanck, "Quantum cryptanalysis in the RAM model: Claw-finding attacks on SIKE". Advances in Cryptology - CRYPTO 2019 (to appear), 2019.
[7] Samuel Jaques and John M. Schanck, "Quantum cryptanalysis in the RAM model: Claw-finding attacks on SIKE". Advances in Cryptology - CRYPTO 2019, 2019.
The preprint version is available [`here`](https://eprint.iacr.org/2019/103).
[8] Craig Costello, Patrick Longa, Michael Naehrig, Joost Renes and Fernando Virdia, "Improved Classical Cryptanalysis of the Computational Supersingular Isogeny Problem", 2019.
[8] Craig Costello, Patrick Longa, Michael Naehrig, Joost Renes and Fernando Virdia, "Improved classical cryptanalysis of the computational supersingular isogeny problem". PKC 2020, LCNS 12111, pp. 505-534, 2020.
The preprint version is available [`here`](https://eprint.iacr.org/2019/298).
[9] Craig Costello, David Jao, Patrick Longa, Michael Naehrig, Joost Renes and David Urbanik, "Efficient compression of SIDH public keys". Advances in Cryptology - EUROCRYPT 2017, LNCS 10210, pp. 679-706, 2017.
@ -247,12 +252,14 @@ The preprint version is available [`here`](https://eprint.iacr.org/2016/963).
[10] Gustavo H.M. Zanon, Marcos A. Simplicio Jr, Geovandro C.C.F. Pereira, Javad Doliskani and Paulo S.L.M. Barreto, "Faster key compression for isogeny-based cryptosystems". IEEE Transactions on Computers, Vol. 68(5), 2019.
The preprint version is available [`here`](https://eprint.iacr.org/2017/1143).
[11] Michael Naehrig and Joost Renes, "Dual Isogenies and Their Application to Public-key Compression for Isogeny-based Cryptography". Advances in Cryptology - ASIACRYPT 2019, LNCS 11922, pp. 243-272, 2019.
[11] Michael Naehrig and Joost Renes, "Dual isogenies and their application to public-key compression for isogeny-based cryptography". Advances in Cryptology - ASIACRYPT 2019, LNCS 11922, pp. 243-272, 2019.
The preprint version is available [`here`](https://eprint.iacr.org/2019/499).
[12] Geovandro C.C.F. Pereira, Javad Doliskani and David Jao, "x-only point addition formula and faster torsion basis generation in compressed SIKE".
[12] Geovandro C.C.F. Pereira, Javad Doliskani and David Jao, "x-only point addition formula and faster torsion basis generation in compressed SIKE". JCEN, Vol. 11, pp. 57-69, 2021.
The preprint version is available [`here`](https://eprint.iacr.org/2020/431).
[13] Patrick Longa, "Efficient algorithms for large prime characteristic fields and their application to bilinear pairings and supersingular isogeny-based protocols", 2022.
# Contributing
This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: modular arithmetic optimized for x64 platforms for P434
*********************************************************************************************/
@ -17,7 +21,7 @@ extern const uint64_t p434x4[NWORDS_FIELD];
inline void mp_sub434_p2(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction with correction with 2*p, c = a-b+2p.
#if (OS_TARGET == OS_WIN) || defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM) || (TARGET == TARGET_ARM64 && NBITS_FIELD == 610)
#if (OS_TARGET == OS_WIN)
unsigned int i, borrow = 0;
for (i = 0; i < NWORDS_FIELD; i++) {
@ -39,7 +43,7 @@ inline void mp_sub434_p2(const digit_t* a, const digit_t* b, digit_t* c)
inline void mp_sub434_p4(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction with correction with 4*p, c = a-b+4p.
#if (OS_TARGET == OS_WIN) || defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM) || (TARGET == TARGET_ARM64 && NBITS_FIELD == 610)
#if (OS_TARGET == OS_WIN)
unsigned int i, borrow = 0;
for (i = 0; i < NWORDS_FIELD; i++) {
@ -50,11 +54,6 @@ inline void mp_sub434_p4(const digit_t* a, const digit_t* b, digit_t* c)
for (i = 0; i < NWORDS_FIELD; i++) {
ADDC(borrow, c[i], ((digit_t*)p434x4)[i], borrow, c[i]);
}
#elif (OS_TARGET == OS_NIX)
mp_sub434_p4_asm(a, b, c);
#endif
}
@ -161,13 +160,42 @@ void fpcorrection434(digit_t* a)
}
}
#if (OS_TARGET == OS_NIX)
void fp2mul434_c0_mont(const digit_t* a, const digit_t* b, digit_t* c)
{
fp2mul434_c0_asm(a, b, c);
}
void fp2mul434_c1_mont(const digit_t* a, const digit_t* b, digit_t* c)
{
fp2mul434_c1_asm(a, b, c);
}
void fp2sqr434_c0_mont(const digit_t* a, digit_t* c)
{
fp2sqr434_c0_asm(a, c);
}
void fp2sqr434_c1_mont(const digit_t* a, digit_t* c)
{
fp2sqr434_c1_asm(a, c);
}
void fpmul434(const digit_t* a, const digit_t* b, digit_t* c)
{
fpmul434_asm(a, b, c);
}
#else
void mp_mul(const digit_t* a, const digit_t* b, digit_t* c, const unsigned int nwords)
{ // Multiprecision multiply, c = a*b, where lng(a) = lng(b) = nwords.
UNREFERENCED_PARAMETER(nwords);
#if (OS_TARGET == OS_WIN)
digit_t t = 0;
uint128_t uv = {0};
unsigned int carry = 0;
@ -330,12 +358,6 @@ void mp_mul(const digit_t* a, const digit_t* b, digit_t* c, const unsigned int n
MULADD128(a[6], b[6], uv, carry, uv);
c[12] = uv[0];
c[13] = uv[1];
#elif (OS_TARGET == OS_NIX)
mul434_asm(a, b, c);
#endif
}
@ -343,9 +365,7 @@ void rdc_mont(digit_t* ma, digit_t* mc)
{ // Montgomery reduction exploiting special form of the prime.
// mc = ma*R^-1 mod p434x2, where R = 2^448.
// If ma < 2^448*p434, the output mc is in the range [0, 2*p434-1].
// ma is assumed to be in Montgomery representation.
#if (OS_TARGET == OS_WIN)
// ma is assumed to be in Montgomery representation.
unsigned int carry;
digit_t t = 0;
uint128_t uv = {0};
@ -478,11 +498,7 @@ void rdc_mont(digit_t* ma, digit_t* mc)
MULADD128(mc[6], ((digit_t*)p434p1)[6], uv, carry, uv);
t += carry;
ADDC(0, uv[0], ma[12], carry, mc[5]);
ADDC(carry, uv[1], ma[13], carry, mc[6]);
#elif (OS_TARGET == OS_NIX)
rdc434_asm(ma, mc);
ADDC(carry, uv[1], ma[13], carry, mc[6]);
}
#endif
}
#endif
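Review bot: `mp_sub434_p4` now compiles to an empty body whenever `OS_TARGET` is not `OS_WIN`, because the `#elif (OS_TARGET == OS_NIX)` branch calling `mp_sub434_p4_asm` is removed while the narrowed `#if (OS_TARGET == OS_WIN)` still wraps the entire body; `mp_sub434_p2` receives the same narrowing and its tail is outside the hunk, so it likely has the same shape. If any Linux x64 caller of either function survives (the compressed code or shared GF(p^2) routines, which this page does not show), it now silently leaves `c` untouched — the worst failure mode for field arithmetic, since nothing crashes and the wrong value simply propagates. If the two functions are intentionally Windows-only from here on, make the other path refuse to compile rather than compile to nothing: `#else` / `#error "mp_sub434_p4: no implementation for this target"` / `#endif`. The new `OS_NIX` wrappers (`fp2mul434_c0_mont`, `fp2sqr434_c1_mont`, `fpmul434`, …) also carry no contract comment; a one-liner per function in the file's existing style, such as `// c = component 0 of a*b in GF(p434^2), Montgomery form; inputs in [0, 2*p434-1] (confirm against the assembly)`, would tell a reader what `_c0`/`_c1` denote without opening the .S file.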



@ -1,10 +1,15 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: modular arithmetic optimized for 64-bit ARMv8 platforms for P434
*********************************************************************************************/
#include "../P434_internal.h"
#include "../../internal.h"
// Global constants
extern const uint64_t p434[NWORDS_FIELD];
@ -13,21 +18,21 @@ extern const uint64_t p434x2[NWORDS_FIELD];
extern const uint64_t p434x4[NWORDS_FIELD];
__inline void mp_sub434_p2(const digit_t* a, const digit_t* b, digit_t* c)
inline void mp_sub434_p2(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction with correction with 2*p, c = a-b+2p.
mp_sub434_p2_asm(a, b, c);
}
__inline void mp_sub434_p4(const digit_t* a, const digit_t* b, digit_t* c)
inline void mp_sub434_p4(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction with correction with 4*p, c = a-b+4p.
mp_sub434_p4_asm(a, b, c);
}
__inline void fpadd434(const digit_t* a, const digit_t* b, digit_t* c)
inline void fpadd434(const digit_t* a, const digit_t* b, digit_t* c)
{ // Modular addition, c = a+b mod p434.
// Inputs: a, b in [0, 2*p434-1]
// Output: c in [0, 2*p434-1]
@ -36,7 +41,7 @@ __inline void fpadd434(const digit_t* a, const digit_t* b, digit_t* c)
}
__inline void fpsub434(const digit_t* a, const digit_t* b, digit_t* c)
inline void fpsub434(const digit_t* a, const digit_t* b, digit_t* c)
{ // Modular subtraction, c = a-b mod p434.
// Inputs: a, b in [0, 2*p434-1]
// Output: c in [0, 2*p434-1]
@ -45,7 +50,7 @@ __inline void fpsub434(const digit_t* a, const digit_t* b, digit_t* c)
}
__inline void fpneg434(digit_t* a)
inline void fpneg434(digit_t* a)
{ // Modular negation, a = -a mod p434.
// Input/output: a in [0, 2*p434-1]
unsigned int i, borrow = 0;


@ -1,5 +1,9 @@
//*******************************************************************************************
// SIDH: an efficient supersingular isogeny cryptography library
// Copyright (c) Microsoft Corporation
//
// Website: https://github.com/microsoft/PQCrypto-SIDH
// Released under MIT license
//
// Abstract: field arithmetic in 64-bit ARMv8 assembly for P434 on Linux
//*******************************************************************************************


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: supersingular isogeny parameters and generation of functions for P434
*********************************************************************************************/
@ -27,12 +31,10 @@ const uint64_t p434x2[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFFE, 0xFFFFF
0xF78CB8F062B15D47, 0xD9F8BFAD038A40AC, 0x0004683E4E2EE688 };
const uint64_t p434x4[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFFC, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xF705D9EB8BFFFFFF,
0xEF1971E0C562BA8F, 0xB3F17F5A07148159, 0x0008D07C9C5DCD11 };
const uint64_t p434x8[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFF8, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xEE0BB3D717FFFFFF,
0xDE32E3C18AC5751F, 0x67E2FEB40E2902B3, 0x0011A0F938BB9A23 };
const uint64_t p434p1[NWORDS64_FIELD] = { 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0xFDC1767AE3000000,
0x7BC65C783158AEA3, 0x6CFC5FD681C52056, 0x0002341F27177344 };
const uint64_t p434x16p[2*NWORDS64_FIELD] = { 0x0000000000000010, 0x0000000000000000, 0x0000000000000000, 0x47D130A3A0000000,
0x873470F9D4EA2B80, 0x6074052FC75BF530, 0x54497C1B1D119772, 0xC55F373D2CDCA412,
0x732CA2221C664B96, 0x6445AB96AF6359A5, 0x221708AB42ABE1B4, 0xAE3D3D0063244F01,
0x18B920F2ECF68816, 0x0000004DB194809D };
0x7BC65C783158AEA3, 0x6CFC5FD681C52056, 0x0002341F27177344 };
// Order of Alice's subgroup
const uint64_t Alice_order[NWORDS64_ORDER] = { 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000001000000 };
// Order of Bob's subgroup
@ -90,6 +92,7 @@ const unsigned int strat_Bob[MAX_Bob-1] = {
#define fpneg fpneg434
#define fpdiv2 fpdiv2_434
#define fpcorrection fpcorrection434
#define fpmul fpmul434
#define fpmul_mont fpmul434_mont
#define fpsqr_mont fpsqr434_mont
#define fpinv_mont fpinv434_mont
@ -107,6 +110,10 @@ const unsigned int strat_Bob[MAX_Bob-1] = {
#define fp2correction fp2correction434
#define fp2mul_mont fp2mul434_mont
#define fp2sqr_mont fp2sqr434_mont
#define fp2mul_c0_mont fp2mul434_c0_mont
#define fp2mul_c1_mont fp2mul434_c1_mont
#define fp2sqr_c0_mont fp2sqr434_c0_mont
#define fp2sqr_c1_mont fp2sqr434_c1_mont
#define fp2inv_mont fp2inv434_mont
#define fp2inv_mont_bingcd fp2inv434_mont_bingcd
#define fpequal_non_constant_time fpequal434_non_constant_time
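Review bot: The five new aliases `fpmul`, `fp2mul_c0_mont`, `fp2mul_c1_mont`, `fp2sqr_c0_mont` and `fp2sqr_c1_mont` are defined unconditionally, but as far as this commit shows their targets (`fpmul434`, `fp2mul434_c0_mont`, …) are only defined inside the `#if (OS_TARGET == OS_NIX)` branch of the x64 `fp_x64.c`. Any generic, ARM or Windows translation unit that reaches one of them through shared GF(p^2) code would fail at link time — or, if the intent is that such code never uses them, that intent is currently undocumented. Either guard the aliases the same way (`#if (OS_TARGET == OS_NIX)` around the five `#define`s) or add a comment stating they are valid only in the Linux-x64 build, and say what `_c0`/`_c1` mean — presumably the two GF(p434^2) components of the result, but the names alone do not establish that.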


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: API header file for P434
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* Supersingular Isogeny Key Encapsulation Library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: supersingular isogeny parameters and generation of functions for P434_compressed
*********************************************************************************************/
@ -28,12 +32,10 @@ const uint64_t p434x2[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFFE, 0xFFFFF
0xF78CB8F062B15D47, 0xD9F8BFAD038A40AC, 0x0004683E4E2EE688 };
const uint64_t p434x4[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFFC, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xF705D9EB8BFFFFFF,
0xEF1971E0C562BA8F, 0xB3F17F5A07148159, 0x0008D07C9C5DCD11 };
const uint64_t p434x8[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFF8, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xEE0BB3D717FFFFFF,
0xDE32E3C18AC5751F, 0x67E2FEB40E2902B3, 0x0011A0F938BB9A23 };
const uint64_t p434p1[NWORDS64_FIELD] = { 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0xFDC1767AE3000000,
0x7BC65C783158AEA3, 0x6CFC5FD681C52056, 0x0002341F27177344 };
const uint64_t p434x16p[2*NWORDS64_FIELD] = { 0x0000000000000010, 0x0000000000000000, 0x0000000000000000, 0x47D130A3A0000000,
0x873470F9D4EA2B80, 0x6074052FC75BF530, 0x54497C1B1D119772, 0xC55F373D2CDCA412,
0x732CA2221C664B96, 0x6445AB96AF6359A5, 0x221708AB42ABE1B4, 0xAE3D3D0063244F01,
0x18B920F2ECF68816, 0x0000004DB194809D };
// Order of Alice's subgroup
const uint64_t Alice_order[NWORDS64_ORDER] = { 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000001000000 };
// Order of Bob's subgroup
@ -346,6 +348,7 @@ const uint64_t v_3_torsion[TABLE_V3_LEN][2 * NWORDS64_FIELD] =
#define fpneg fpneg434
#define fpdiv2 fpdiv2_434
#define fpcorrection fpcorrection434
#define fpmul fpmul434
#define fpmul_mont fpmul434_mont
#define fpsqr_mont fpsqr434_mont
#define fpinv_mont fpinv434_mont
@ -363,6 +366,10 @@ const uint64_t v_3_torsion[TABLE_V3_LEN][2 * NWORDS64_FIELD] =
#define fp2correction fp2correction434
#define fp2mul_mont fp2mul434_mont
#define fp2sqr_mont fp2sqr434_mont
#define fp2mul_c0_mont fp2mul434_c0_mont
#define fp2mul_c1_mont fp2mul434_c1_mont
#define fp2sqr_c0_mont fp2sqr434_c0_mont
#define fp2sqr_c1_mont fp2sqr434_c1_mont
#define fp2inv_mont fp2inv434_mont
#define fp2inv_mont_bingcd fp2inv434_mont_bingcd
#define fpequal_non_constant_time fpequal434_non_constant_time
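Review bot: The header this commit extends still opens with `* Supersingular Isogeny Key Encapsulation Library` while every other file touched here uses `* SIDH: an efficient supersingular isogeny cryptography library`; since the Website and license lines are being added to this header anyway, align the title line with the rest of the tree. The same unguarded `fpmul`/`fp2mul_c0_mont`/`fp2mul_c1_mont`/`fp2sqr_c0_mont`/`fp2sqr_c1_mont` aliases as in `P434.c` are added here, and as far as this page shows their targets exist only in the `OS_NIX` branch of the x64 arithmetic, so they need the same `#if (OS_TARGET == OS_NIX)` guard or an explicit comment that they are Linux-x64-only.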


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: API header file for P434 using compression
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: precomputed tables for Pohlig-Hellman when using compression
*********************************************************************************************/


@ -1,5 +1,9 @@
/**************************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: precomputed tables for pairing computation on E0: y^2 = x^3 + x when using compression
***************************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: internal header file for P434
*********************************************************************************************/
@ -168,6 +172,8 @@ void rdc434_asm(digit_t* ma, digit_t* mc);
// Field multiplication using Montgomery arithmetic, c = a*b*R^-1 mod p434, where R=2^768
void fpmul434_mont(const digit_t* a, const digit_t* b, digit_t* c);
void fpmul434(const digit_t* a, const digit_t* b, digit_t* c);
void fpmul434_asm(const digit_t* a, const digit_t* b, digit_t* c);
void mul434_asm(const digit_t* a, const digit_t* b, digit_t* c);
// Field squaring using Montgomery arithmetic, c = a*b*R^-1 mod p434, where R=2^768
@ -207,9 +213,17 @@ void fp2correction434(f2elm_t a);
// GF(p434^2) squaring using Montgomery arithmetic, c = a^2 in GF(p434^2)
void fp2sqr434_mont(const f2elm_t a, f2elm_t c);
void fp2sqr434_c0_mont(const digit_t* a, digit_t* c);
void fp2sqr434_c0_asm(const digit_t* a, digit_t* c);
void fp2sqr434_c1_mont(const digit_t* a, digit_t* c);
void fp2sqr434_c1_asm(const digit_t* a, digit_t* c);
// GF(p434^2) multiplication using Montgomery arithmetic, c = a*b in GF(p434^2)
void fp2mul434_mont(const f2elm_t a, const f2elm_t b, f2elm_t c);
void fp2mul434_c0_mont(const digit_t* a, const digit_t* b, digit_t* c);
void fp2mul434_c0_asm(const digit_t* a, const digit_t* b, digit_t* c);
void fp2mul434_c1_mont(const digit_t* a, const digit_t* b, digit_t* c);
void fp2mul434_c1_asm(const digit_t* a, const digit_t* b, digit_t* c);
// GF(p434^2) inversion using Montgomery arithmetic, a = (a0-i*a1)/(a0^2+a1^2)
void fp2inv434_mont(f2elm_t a);
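Review bot: The group comment directly above the new `fpmul434`, `fpmul434_asm` and `mul434_asm` prototypes says `where R=2^768`, but for P434 (7 × 64-bit limbs) R is 2^448, exactly as the `rdc_mont` comment in `fp_x64.c` in this same commit states; the squaring comment below it likewise reads `c = a*b*R^-1` for a squaring. Since these declarations are being extended, fix the text while here: `// Field multiplication using Montgomery arithmetic, c = a*b*R^-1 mod p434, where R=2^448` and `// Field squaring using Montgomery arithmetic, c = a^2*R^-1 mod p434, where R=2^448`. The new `fpmul434` (no `_mont` suffix), the `_c0`/`_c1` pairs and the `_asm` entry points get no comment at all — whether `fpmul434` is a plain (non-Montgomery) product, whether it reduces, and what `_c0`/`_c1` return is not stated anywhere on this page; one line per declaration giving the domain, the component computed and the accepted input range would let callers choose correctly without reading the assembly.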


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: portable modular arithmetic for P434
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: modular arithmetic optimized for x64 platforms for P503
*********************************************************************************************/
@ -17,7 +21,7 @@ extern const uint64_t p503x4[NWORDS_FIELD];
inline void mp_sub503_p2(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction with correction with 2*p, c = a-b+2p.
#if (OS_TARGET == OS_WIN) || defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM) || (TARGET == TARGET_ARM64 && NBITS_FIELD == 610)
#if (OS_TARGET == OS_WIN)
unsigned int i, borrow = 0;
for (i = 0; i < NWORDS_FIELD; i++) {
@ -39,7 +43,7 @@ inline void mp_sub503_p2(const digit_t* a, const digit_t* b, digit_t* c)
inline void mp_sub503_p4(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction with correction with 4*p, c = a-b+4p.
#if (OS_TARGET == OS_WIN) || defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM) || (TARGET == TARGET_ARM64 && NBITS_FIELD == 610)
#if (OS_TARGET == OS_WIN)
unsigned int i, borrow = 0;
for (i = 0; i < NWORDS_FIELD; i++) {
@ -50,11 +54,6 @@ inline void mp_sub503_p4(const digit_t* a, const digit_t* b, digit_t* c)
for (i = 0; i < NWORDS_FIELD; i++) {
ADDC(borrow, c[i], ((digit_t*)p503x4)[i], borrow, c[i]);
}
#elif (OS_TARGET == OS_NIX)
mp_sub503_p4_asm(a, b, c);
#endif
}
@ -161,13 +160,43 @@ void fpcorrection503(digit_t* a)
}
}
#if (OS_TARGET == OS_NIX)
void fp2mul503_c0_mont(const digit_t* a, const digit_t* b, digit_t* c)
{
fp2mul503_c0_asm(a, b, c);
}
void fp2mul503_c1_mont(const digit_t* a, const digit_t* b, digit_t* c)
{
fp2mul503_c1_asm(a, b, c);
}
void fp2sqr503_c0_mont(const digit_t* a, digit_t* c)
{
fp2sqr503_c0_asm(a, c);
}
void fp2sqr503_c1_mont(const digit_t* a, digit_t* c)
{
fp2sqr503_c1_asm(a, c);
}
void fpmul503(const digit_t* a, const digit_t* b, digit_t* c)
{
fpmul503_asm(a, b, c);
}
#else
void mp_mul(const digit_t* a, const digit_t* b, digit_t* c, const unsigned int nwords)
{ // Multiprecision multiply, c = a*b, where lng(a) = lng(b) = nwords.
UNREFERENCED_PARAMETER(nwords);
#if (OS_TARGET == OS_WIN)
digit_t t = 0;
uint128_t uv = {0};
unsigned int carry = 0;
@ -370,12 +399,6 @@ void mp_mul(const digit_t* a, const digit_t* b, digit_t* c, const unsigned int n
MULADD128(a[7], b[7], uv, carry, uv);
c[14] = uv[0];
c[15] = uv[1];
#elif (OS_TARGET == OS_NIX)
mul503_asm(a, b, c);
#endif
}
@ -384,8 +407,6 @@ void rdc_mont(digit_t* ma, digit_t* mc)
// mc = ma*R^-1 mod p503x2, where R = 2^512.
// If ma < 2^512*p503, the output mc is in the range [0, 2*p503-1].
// ma is assumed to be in Montgomery representation.
#if (OS_TARGET == OS_WIN)
unsigned int carry;
digit_t t = 0;
uint128_t uv = {0};
@ -559,11 +580,7 @@ void rdc_mont(digit_t* ma, digit_t* mc)
t += carry;
ADDC(0, uv[0], ma[14], carry, mc[6]);
ADDC(carry, uv[1], 0, carry, uv[1]);
ADDC(0, uv[1], ma[15], carry, mc[7]);
#elif (OS_TARGET == OS_NIX)
rdc503_asm(ma, mc);
ADDC(0, uv[1], ma[15], carry, mc[7]);
}
#endif
}
#endif
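Review bot: The `#if (OS_TARGET == OS_NIX)` block defines `fpmul503`, `fp2mul503_c0_mont`, `fp2mul503_c1_mont`, `fp2sqr503_c0_mont` and `fp2sqr503_c1_mont` only for the Linux build, while `P503_internal.h` declares them unconditionally and `P503.c` maps `fpmul`/`fp2mul_c0_mont`/`fp2mul_c1_mont`/`fp2sqr_c0_mont`/`fp2sqr_c1_mont` onto them unconditionally; unless the `#else` branch or another file provides Windows definitions, generic code calling those macros will fail to link there — please confirm. The block also has no comment saying why `mp_mul` and `rdc_mont` disappear from the Linux build; I would add `// Linux/x64: mp_mul and rdc_mont are expected from the assembly implementation, so the C versions below are Windows-only (confirm the .S file defines them)` above `#if (OS_TARGET == OS_NIX)`. Narrowing the guards in `mp_sub503_p2`/`mp_sub503_p4` to `#if (OS_TARGET == OS_WIN)` leaves the Linux branch of those functions outside the hunk, so I could not verify it still reaches `mp_sub503_p2_asm`/`mp_sub503_p4_asm`. The P610 and P751 x64 files in this commit receive the same changes.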



@ -1,10 +1,15 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: modular arithmetic optimized for 64-bit ARMv8 platforms for P503
*********************************************************************************************/
#include "../P503_internal.h"
#include "../../internal.h"
// Global constants
extern const uint64_t p503[NWORDS_FIELD];
@ -13,21 +18,21 @@ extern const uint64_t p503x2[NWORDS_FIELD];
extern const uint64_t p503x4[NWORDS_FIELD];
__inline void mp_sub503_p2(const digit_t* a, const digit_t* b, digit_t* c)
inline void mp_sub503_p2(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction with correction with 2*p, c = a-b+2p.
mp_sub503_p2_asm(a, b, c);
}
__inline void mp_sub503_p4(const digit_t* a, const digit_t* b, digit_t* c)
inline void mp_sub503_p4(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction with correction with 4*p, c = a-b+4p.
mp_sub503_p4_asm(a, b, c);
}
__inline void fpadd503(const digit_t* a, const digit_t* b, digit_t* c)
inline void fpadd503(const digit_t* a, const digit_t* b, digit_t* c)
{ // Modular addition, c = a+b mod p503.
// Inputs: a, b in [0, 2*p503-1]
// Output: c in [0, 2*p503-1]
@ -36,7 +41,7 @@ __inline void fpadd503(const digit_t* a, const digit_t* b, digit_t* c)
}
__inline void fpsub503(const digit_t* a, const digit_t* b, digit_t* c)
inline void fpsub503(const digit_t* a, const digit_t* b, digit_t* c)
{ // Modular subtraction, c = a-b mod p503.
// Inputs: a, b in [0, 2*p503-1]
// Output: c in [0, 2*p503-1]
@ -45,7 +50,7 @@ __inline void fpsub503(const digit_t* a, const digit_t* b, digit_t* c)
}
__inline void fpneg503(digit_t* a)
inline void fpneg503(digit_t* a)
{ // Modular negation, a = -a mod p503.
// Input/output: a in [0, 2*p503-1]
unsigned int i, borrow = 0;
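Review bot: Replacing `__inline` with plain `inline` on `mp_sub503_p2`, `mp_sub503_p4`, `fpadd503`, `fpsub503` and `fpneg503` changes linkage under C99/C11 rules: a non-`static` `inline` definition only produces an external symbol when another file-scope declaration in the same translation unit (here presumably via `../P503_internal.h`) names the function without `inline`. If the header declares them `inline` too, or does not declare them, callers in other translation units get an undefined reference at link time, which a Windows/MSVC `__inline` build did not exhibit. Please confirm the header's declarations, or make these `static inline` if they are only used from this file. The P610 ARMv8 file in this commit makes the identical change.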


@ -1,5 +1,9 @@
//*******************************************************************************************
// SIDH: an efficient supersingular isogeny cryptography library
// Copyright (c) Microsoft Corporation
//
// Website: https://github.com/microsoft/PQCrypto-SIDH
// Released under MIT license
//
// Abstract: field arithmetic in 64-bit ARMv8 assembly for P503 on Linux
//*******************************************************************************************


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: supersingular isogeny parameters and generation of functions for P503
*********************************************************************************************/
@ -27,13 +31,10 @@ const uint64_t p503x2[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFFE, 0xFFFFF
0x2610B7B44423CF41, 0x3737ED90F6FCFB5E, 0xC08B8D7BB4EF49A0, 0x0080CDEA83023C3C };
const uint64_t p503x4[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFFC, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xAFFFFFFFFFFFFFFF,
0x4C216F6888479E82, 0x6E6FDB21EDF9F6BC, 0x81171AF769DE9340, 0x01019BD506047879 };
const uint64_t p503x8[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFF8, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0x5FFFFFFFFFFFFFFF,
0x9842DED1108F3D05, 0xDCDFB643DBF3ED78, 0x022E35EED3BD2680, 0x020337AA0C08F0F3 };
const uint64_t p503p1[NWORDS64_FIELD] = { 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0xAC00000000000000,
0x13085BDA2211E7A0, 0x1B9BF6C87B7E7DAF, 0x6045C6BDDA77A4D0, 0x004066F541811E1E };
const uint64_t p503p1x64[NWORDS64_FIELD/2] = { 0xC216F6888479E82B, 0xE6FDB21EDF9F6BC4, 0x1171AF769DE93406, 0x1019BD5060478798 };
const uint64_t p503x16p[2*NWORDS64_FIELD] = { 0x0000000000000010, 0x0000000000000000, 0x0000000000000000, 0x8000000000000000,
0x9EF484BBBDC30BEA, 0x8C8126F090304A1D, 0xF7472844B10B65FC, 0x30F32157CFDC3C33,
0x1463AB4329A333F7, 0xDFC933977C47D3A4, 0x338A3767F6F2520B, 0x4F8CB7565CCC13FA,
0xDE43B73AACD2189B, 0xBCF845CAC5405FBD, 0x516D02A09E684B7A, 0x0001033A4091BB86 };
// Order of Alice's subgroup
const uint64_t Alice_order[NWORDS64_ORDER] = { 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0400000000000000 };
// Order of Bob's subgroup
@ -96,6 +97,7 @@ const unsigned int strat_Bob[MAX_Bob-1] = {
#define fpneg fpneg503
#define fpdiv2 fpdiv2_503
#define fpcorrection fpcorrection503
#define fpmul fpmul503
#define fpmul_mont fpmul503_mont
#define fpsqr_mont fpsqr503_mont
#define fpinv_mont fpinv503_mont
@ -113,6 +115,10 @@ const unsigned int strat_Bob[MAX_Bob-1] = {
#define fp2correction fp2correction503
#define fp2mul_mont fp2mul503_mont
#define fp2sqr_mont fp2sqr503_mont
#define fp2mul_c0_mont fp2mul503_c0_mont
#define fp2mul_c1_mont fp2mul503_c1_mont
#define fp2sqr_c0_mont fp2sqr503_c0_mont
#define fp2sqr_c1_mont fp2sqr503_c1_mont
#define fp2inv_mont fp2inv503_mont
#define fp2inv_mont_bingcd fp2inv503_mont_bingcd
#define fpequal_non_constant_time fpequal503_non_constant_time


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: API header file for P503
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* Supersingular Isogeny Key Encapsulation Library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: supersingular isogeny parameters and generation of functions for P503_compressed
*********************************************************************************************/
@ -28,13 +32,10 @@ const uint64_t p503x2[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFFE, 0xFFFFF
0x2610B7B44423CF41, 0x3737ED90F6FCFB5E, 0xC08B8D7BB4EF49A0, 0x0080CDEA83023C3C };
const uint64_t p503x4[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFFC, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xAFFFFFFFFFFFFFFF,
0x4C216F6888479E82, 0x6E6FDB21EDF9F6BC, 0x81171AF769DE9340, 0x01019BD506047879 };
const uint64_t p503x8[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFF8, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0x5FFFFFFFFFFFFFFF,
0x9842DED1108F3D05, 0xDCDFB643DBF3ED78, 0x022E35EED3BD2680, 0x020337AA0C08F0F3 };
const uint64_t p503p1[NWORDS64_FIELD] = { 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0xAC00000000000000,
0x13085BDA2211E7A0, 0x1B9BF6C87B7E7DAF, 0x6045C6BDDA77A4D0, 0x004066F541811E1E };
const uint64_t p503p1x64[NWORDS64_FIELD/2] = { 0xC216F6888479E82B, 0xE6FDB21EDF9F6BC4, 0x1171AF769DE93406, 0x1019BD5060478798 };
const uint64_t p503x16p[2*NWORDS64_FIELD] = { 0x0000000000000010, 0x0000000000000000, 0x0000000000000000, 0x8000000000000000,
0x9EF484BBBDC30BEA, 0x8C8126F090304A1D, 0xF7472844B10B65FC, 0x30F32157CFDC3C33,
0x1463AB4329A333F7, 0xDFC933977C47D3A4, 0x338A3767F6F2520B, 0x4F8CB7565CCC13FA,
0xDE43B73AACD2189B, 0xBCF845CAC5405FBD, 0x516D02A09E684B7A, 0x0001033A4091BB86 };
// Order of Alice's subgroup
const uint64_t Alice_order[NWORDS64_ORDER] = { 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0400000000000000 };
// Order of Bob's subgroup
@ -353,6 +354,7 @@ const uint64_t v_3_torsion[TABLE_V3_LEN][2 * NWORDS64_FIELD] =
#define fpneg fpneg503
#define fpdiv2 fpdiv2_503
#define fpcorrection fpcorrection503
#define fpmul fpmul503
#define fpmul_mont fpmul503_mont
#define fpsqr_mont fpsqr503_mont
#define fpinv_mont fpinv503_mont
@ -370,6 +372,10 @@ const uint64_t v_3_torsion[TABLE_V3_LEN][2 * NWORDS64_FIELD] =
#define fp2correction fp2correction503
#define fp2mul_mont fp2mul503_mont
#define fp2sqr_mont fp2sqr503_mont
#define fp2mul_c0_mont fp2mul503_c0_mont
#define fp2mul_c1_mont fp2mul503_c1_mont
#define fp2sqr_c0_mont fp2sqr503_c0_mont
#define fp2sqr_c1_mont fp2sqr503_c1_mont
#define fp2inv_mont fp2inv503_mont
#define fp2inv_mont_bingcd fp2inv503_mont_bingcd
#define fpequal_non_constant_time fpequal503_non_constant_time
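Review bot: The banner of this file reads `* Supersingular Isogeny Key Encapsulation Library` while every other source touched by this commit uses `* SIDH: an efficient supersingular isogeny cryptography library`; since the banner block is being rewritten here anyway, I would align it to the common line. The P610_compressed parameter file in this commit has the same divergence.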


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: API header file for P503 using compression
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: precomputed tables for Pohlig-Hellman when using compression
*********************************************************************************************/


@ -1,5 +1,9 @@
/**************************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: precomputed tables for pairing computation on E0: y^2 = x^3 + x when using compression
***************************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: internal header file for P503
*********************************************************************************************/
@ -168,6 +172,8 @@ void rdc503_asm(digit_t* ma, digit_t* mc);
// Field multiplication using Montgomery arithmetic, c = a*b*R^-1 mod p503, where R=2^768
void fpmul503_mont(const digit_t* a, const digit_t* b, digit_t* c);
void fpmul503(const digit_t* a, const digit_t* b, digit_t* c);
void fpmul503_asm(const digit_t* a, const digit_t* b, digit_t* c);
void mul503_asm(const digit_t* a, const digit_t* b, digit_t* c);
// Field squaring using Montgomery arithmetic, c = a*b*R^-1 mod p503, where R=2^768
@ -207,9 +213,17 @@ void fp2correction503(f2elm_t a);
// GF(p503^2) squaring using Montgomery arithmetic, c = a^2 in GF(p503^2)
void fp2sqr503_mont(const f2elm_t a, f2elm_t c);
void fp2sqr503_c0_mont(const digit_t* a, digit_t* c);
void fp2sqr503_c0_asm(const digit_t* a, digit_t* c);
void fp2sqr503_c1_mont(const digit_t* a, digit_t* c);
void fp2sqr503_c1_asm(const digit_t* a, digit_t* c);
// GF(p503^2) multiplication using Montgomery arithmetic, c = a*b in GF(p503^2)
void fp2mul503_mont(const f2elm_t a, const f2elm_t b, f2elm_t c);
void fp2mul503_c0_mont(const digit_t* a, const digit_t* b, digit_t* c);
void fp2mul503_c0_asm(const digit_t* a, const digit_t* b, digit_t* c);
void fp2mul503_c1_mont(const digit_t* a, const digit_t* b, digit_t* c);
void fp2mul503_c1_asm(const digit_t* a, const digit_t* b, digit_t* c);
// GF(p503^2) inversion using Montgomery arithmetic, a = (a0-i*a1)/(a0^2+a1^2)
void fp2inv503_mont(f2elm_t a);


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: portable modular arithmetic for P503
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: modular arithmetic optimized for x64 platforms for P610
*********************************************************************************************/
@ -17,7 +21,7 @@ extern const uint64_t p610x4[NWORDS_FIELD];
inline void mp_sub610_p2(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction with correction with 2*p, c = a-b+2p.
#if (OS_TARGET == OS_WIN) || defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM) || (TARGET == TARGET_ARM64 && NBITS_FIELD == 610)
#if (OS_TARGET == OS_WIN)
unsigned int i, borrow = 0;
for (i = 0; i < NWORDS_FIELD; i++) {
@ -39,7 +43,7 @@ inline void mp_sub610_p2(const digit_t* a, const digit_t* b, digit_t* c)
inline void mp_sub610_p4(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction with correction with 4*p, c = a-b+4p.
#if (OS_TARGET == OS_WIN) || defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM) || (TARGET == TARGET_ARM64 && NBITS_FIELD == 610)
#if (OS_TARGET == OS_WIN)
unsigned int i, borrow = 0;
for (i = 0; i < NWORDS_FIELD; i++) {
@ -50,11 +54,6 @@ inline void mp_sub610_p4(const digit_t* a, const digit_t* b, digit_t* c)
for (i = 0; i < NWORDS_FIELD; i++) {
ADDC(borrow, c[i], ((digit_t*)p610x4)[i], borrow, c[i]);
}
#elif (OS_TARGET == OS_NIX)
mp_sub610_p4_asm(a, b, c);
#endif
}
@ -161,13 +160,43 @@ void fpcorrection610(digit_t* a)
}
}
#if (OS_TARGET == OS_NIX)
void fp2mul610_c0_mont(const digit_t* a, const digit_t* b, digit_t* c)
{
fp2mul610_c0_asm(a, b, c);
}
void fp2mul610_c1_mont(const digit_t* a, const digit_t* b, digit_t* c)
{
fp2mul610_c1_asm(a, b, c);
}
void fp2sqr610_c0_mont(const digit_t* a, digit_t* c)
{
fp2sqr610_c0_asm(a, c);
}
void fp2sqr610_c1_mont(const digit_t* a, digit_t* c)
{
fp2sqr610_c1_asm(a, c);
}
void fpmul610(const digit_t* a, const digit_t* b, digit_t* c)
{
fpmul610_asm(a, b, c);
}
#else
void mp_mul(const digit_t* a, const digit_t* b, digit_t* c, const unsigned int nwords)
{ // Multiprecision multiply, c = a*b, where lng(a) = lng(b) = nwords.
UNREFERENCED_PARAMETER(nwords);
#if (OS_TARGET == OS_WIN)
digit_t t = 0;
uint128_t uv = {0};
unsigned int carry = 0;
@ -462,12 +491,6 @@ void mp_mul(const digit_t* a, const digit_t* b, digit_t* c, const unsigned int n
MULADD128(a[9], b[9], uv, carry, uv);
c[18] = uv[0];
c[19] = uv[1];
#elif (OS_TARGET == OS_NIX)
mul610_asm(a, b, c);
#endif
}
@ -476,8 +499,6 @@ void rdc_mont(digit_t* ma, digit_t* mc)
// mc = ma*R^-1 mod p610x2, where R = 2^640.
// If ma < 2^640*p610, the output mc is in the range [0, 2*p610-1].
// ma is assumed to be in Montgomery representation.
#if (OS_TARGET == OS_WIN)
unsigned int carry;
digit_t t = 0;
uint128_t uv = {0};
@ -717,10 +738,6 @@ void rdc_mont(digit_t* ma, digit_t* mc)
ADDC(0, uv[0], ma[18], carry, mc[8]);
ADDC(carry, uv[1], 0, carry, uv[1]);
ADDC(0, uv[1], ma[19], carry, mc[9]);
#elif (OS_TARGET == OS_NIX)
rdc610_asm(ma, mc);
}
#endif
}
#endif



@ -1,10 +1,15 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: modular arithmetic optimized for 64-bit ARMv8 platforms for P610
*********************************************************************************************/
#include "../P610_internal.h"
#include "../../internal.h"
// Global constants
extern const uint64_t p610[NWORDS_FIELD];
@ -13,21 +18,21 @@ extern const uint64_t p610x2[NWORDS_FIELD];
extern const uint64_t p610x4[NWORDS_FIELD];
__inline void mp_sub610_p2(const digit_t* a, const digit_t* b, digit_t* c)
inline void mp_sub610_p2(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction with correction with 2*p, c = a-b+2p.
mp_sub610_p2_asm(a, b, c);
}
__inline void mp_sub610_p4(const digit_t* a, const digit_t* b, digit_t* c)
inline void mp_sub610_p4(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction with correction with 4*p, c = a-b+4p.
mp_sub610_p4_asm(a, b, c);
}
__inline void fpadd610(const digit_t* a, const digit_t* b, digit_t* c)
inline void fpadd610(const digit_t* a, const digit_t* b, digit_t* c)
{ // Modular addition, c = a+b mod p610.
// Inputs: a, b in [0, 2*p610-1]
// Output: c in [0, 2*p610-1]
@ -36,7 +41,7 @@ __inline void fpadd610(const digit_t* a, const digit_t* b, digit_t* c)
}
__inline void fpsub610(const digit_t* a, const digit_t* b, digit_t* c)
inline void fpsub610(const digit_t* a, const digit_t* b, digit_t* c)
{ // Modular subtraction, c = a-b mod p610.
// Inputs: a, b in [0, 2*p610-1]
// Output: c in [0, 2*p610-1]
@ -45,7 +50,7 @@ __inline void fpsub610(const digit_t* a, const digit_t* b, digit_t* c)
}
__inline void fpneg610(digit_t* a)
inline void fpneg610(digit_t* a)
{ // Modular negation, a = -a mod p610.
// Input/output: a in [0, 2*p610-1]
unsigned int i, borrow = 0;


@ -1,5 +1,9 @@
//*******************************************************************************************
// SIDH: an efficient supersingular isogeny cryptography library
// Copyright (c) Microsoft Corporation
//
// Website: https://github.com/microsoft/PQCrypto-SIDH
// Released under MIT license
//
// Abstract: field arithmetic in 64-bit ARMv8 assembly for P610 on Linux
//*******************************************************************************************


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: supersingular isogeny parameters and generation of functions for P610
*********************************************************************************************/
@ -27,12 +31,10 @@ const uint64_t p610x2[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFFE, 0xFFFFF
0x62F09BD154B5605C, 0x35CF7E8A091FF357, 0x64AB65F421884A55, 0x03202184A3CFB119, 0x00000004F7ED4ED1 };
const uint64_t p610x4[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFFC, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xB807FFFFFFFFFFFF,
0xC5E137A2A96AC0B9, 0x6B9EFD14123FE6AE, 0xC956CBE8431094AA, 0x06404309479F6232, 0x00000009EFDA9DA2 };
const uint64_t p610x8[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFF8, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0x700FFFFFFFFFFFFF,
0x8BC26F4552D58173, 0xD73DFA28247FCD5D, 0x92AD97D086212954, 0x0C8086128F3EC465, 0x00000013DFB53B44 };
const uint64_t p610p1[NWORDS64_FIELD] = { 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x6E02000000000000,
0xB1784DE8AA5AB02E, 0x9AE7BF45048FF9AB, 0xB255B2FA10C4252A, 0x819010C251E7D88C, 0x000000027BF6A768 };
const uint64_t p610x16p[2*NWORDS64_FIELD] = { 0x0000000000000010, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x3FC0000000000000,
0xD0F642EAB4A9FA32, 0xA308175F6E00CA89, 0xB549A0BDE77B5AAC, 0xCDFDE7B5C304EE69, 0x7FDB7FF0812B12EF,
0xE09BA529B9FE1167, 0xD249C196DAB8CD7F, 0xD4E22754A3F20928, 0x97825638B19A7CCE, 0x05E04550FC4CCE0D,
0x8FB5DA1152CDE50C, 0xF9649BA3EA408644, 0x4473C93E6441063D, 0xBE190269D1337B7B, 0x0000000000000062 };
// Order of Alice's subgroup
const uint64_t Alice_order[NWORDS64_ORDER] = { 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0002000000000000 };
// Order of Bob's subgroup
@ -98,6 +100,7 @@ const unsigned int strat_Bob[MAX_Bob-1] = {
#define fpneg fpneg610
#define fpdiv2 fpdiv2_610
#define fpcorrection fpcorrection610
#define fpmul fpmul610
#define fpmul_mont fpmul610_mont
#define fpsqr_mont fpsqr610_mont
#define fpinv_mont fpinv610_mont
@ -115,6 +118,10 @@ const unsigned int strat_Bob[MAX_Bob-1] = {
#define fp2correction fp2correction610
#define fp2mul_mont fp2mul610_mont
#define fp2sqr_mont fp2sqr610_mont
#define fp2mul_c0_mont fp2mul610_c0_mont
#define fp2mul_c1_mont fp2mul610_c1_mont
#define fp2sqr_c0_mont fp2sqr610_c0_mont
#define fp2sqr_c1_mont fp2sqr610_c1_mont
#define fp2inv_mont fp2inv610_mont
#define fp2inv_mont_bingcd fp2inv610_mont_bingcd
#define fpequal_non_constant_time fpequal610_non_constant_time


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: API header file for P610
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* Supersingular Isogeny Key Encapsulation Library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: supersingular isogeny parameters and generation of functions for P610_compressed
*********************************************************************************************/
@ -28,12 +32,10 @@ const uint64_t p610x2[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFFE, 0xFFFFF
0x62F09BD154B5605C, 0x35CF7E8A091FF357, 0x64AB65F421884A55, 0x03202184A3CFB119, 0x00000004F7ED4ED1 };
const uint64_t p610x4[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFFC, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xB807FFFFFFFFFFFF,
0xC5E137A2A96AC0B9, 0x6B9EFD14123FE6AE, 0xC956CBE8431094AA, 0x06404309479F6232, 0x00000009EFDA9DA2 };
const uint64_t p610x8[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFF8, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0x700FFFFFFFFFFFFF,
0x8BC26F4552D58173, 0xD73DFA28247FCD5D, 0x92AD97D086212954, 0x0C8086128F3EC465, 0x00000013DFB53B44 };
const uint64_t p610p1[NWORDS64_FIELD] = { 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x6E02000000000000,
0xB1784DE8AA5AB02E, 0x9AE7BF45048FF9AB, 0xB255B2FA10C4252A, 0x819010C251E7D88C, 0x000000027BF6A768 };
const uint64_t p610x16p[2*NWORDS64_FIELD] = { 0x0000000000000010, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x3FC0000000000000,
0xD0F642EAB4A9FA32, 0xA308175F6E00CA89, 0xB549A0BDE77B5AAC, 0xCDFDE7B5C304EE69, 0x7FDB7FF0812B12EF,
0xE09BA529B9FE1167, 0xD249C196DAB8CD7F, 0xD4E22754A3F20928, 0x97825638B19A7CCE, 0x05E04550FC4CCE0D,
0x8FB5DA1152CDE50C, 0xF9649BA3EA408644, 0x4473C93E6441063D, 0xBE190269D1337B7B, 0x0000000000000062 };
// Order of Alice's subgroup
const uint64_t Alice_order[NWORDS64_ORDER] = { 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0002000000000000 };
// Order of Bob's subgroup
@ -341,6 +343,7 @@ const uint64_t v_3_torsion[TABLE_V3_LEN][2 * NWORDS64_FIELD] =
#define fpneg fpneg610
#define fpdiv2 fpdiv2_610
#define fpcorrection fpcorrection610
#define fpmul fpmul610
#define fpmul_mont fpmul610_mont
#define fpsqr_mont fpsqr610_mont
#define fpinv_mont fpinv610_mont
@ -358,6 +361,10 @@ const uint64_t v_3_torsion[TABLE_V3_LEN][2 * NWORDS64_FIELD] =
#define fp2correction fp2correction610
#define fp2mul_mont fp2mul610_mont
#define fp2sqr_mont fp2sqr610_mont
#define fp2mul_c0_mont fp2mul610_c0_mont
#define fp2mul_c1_mont fp2mul610_c1_mont
#define fp2sqr_c0_mont fp2sqr610_c0_mont
#define fp2sqr_c1_mont fp2sqr610_c1_mont
#define fp2inv_mont fp2inv610_mont
#define fp2inv_mont_bingcd fp2inv610_mont_bingcd
#define fpequal_non_constant_time fpequal610_non_constant_time


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: API header file for P610 using compression
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: precomputed tables for Pohlig-Hellman when using compression
*********************************************************************************************/


@ -1,5 +1,9 @@
/**************************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: precomputed tables for pairing computation on E0: y^2 = x^3 + x when using compression
***************************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: internal header file for P610
*********************************************************************************************/
@ -170,6 +174,8 @@ void rdc610_asm(digit_t* ma, digit_t* mc);
// Field multiplication using Montgomery arithmetic, c = a*b*R^-1 mod p610, where R=2^640
void fpmul610_mont(const digit_t* a, const digit_t* b, digit_t* c);
void fpmul610(const digit_t* a, const digit_t* b, digit_t* c);
void fpmul610_asm(const digit_t* a, const digit_t* b, digit_t* c);
void mul610_asm(const digit_t* a, const digit_t* b, digit_t* c);
// Field squaring using Montgomery arithmetic, c = a*b*R^-1 mod p610, where R=2^640
@ -209,9 +215,17 @@ void fp2correction610(f2elm_t a);
// GF(p610^2) squaring using Montgomery arithmetic, c = a^2 in GF(p610^2)
void fp2sqr610_mont(const f2elm_t a, f2elm_t c);
void fp2sqr610_c0_mont(const digit_t* a, digit_t* c);
void fp2sqr610_c0_asm(const digit_t* a, digit_t* c);
void fp2sqr610_c1_mont(const digit_t* a, digit_t* c);
void fp2sqr610_c1_asm(const digit_t* a, digit_t* c);
// GF(p610^2) multiplication using Montgomery arithmetic, c = a*b in GF(p610^2)
void fp2mul610_mont(const f2elm_t a, const f2elm_t b, f2elm_t c);
void fp2mul610_c0_mont(const digit_t* a, const digit_t* b, digit_t* c);
void fp2mul610_c0_asm(const digit_t* a, const digit_t* b, digit_t* c);
void fp2mul610_c1_mont(const digit_t* a, const digit_t* b, digit_t* c);
void fp2mul610_c1_asm(const digit_t* a, const digit_t* b, digit_t* c);
// GF(p610^2) inversion using Montgomery arithmetic, a = (a0-i*a1)/(a0^2+a1^2)
void fp2inv610_mont(f2elm_t a);


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: portable modular arithmetic for P610
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: modular arithmetic optimized for x64 platforms for P751
*********************************************************************************************/
@ -17,7 +21,7 @@ extern const uint64_t p751x4[NWORDS_FIELD];
inline void mp_sub751_p2(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction with correction with 2*p, c = a-b+2p.
#if (OS_TARGET == OS_WIN) || defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM) || (TARGET == TARGET_ARM64 && NBITS_FIELD == 751)
#if (OS_TARGET == OS_WIN)
unsigned int i, borrow = 0;
for (i = 0; i < NWORDS_FIELD; i++) {
@ -39,7 +43,7 @@ inline void mp_sub751_p2(const digit_t* a, const digit_t* b, digit_t* c)
inline void mp_sub751_p4(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction with correction with 4*p, c = a-b+4p.
#if (OS_TARGET == OS_WIN) || defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM) || (TARGET == TARGET_ARM64 && NBITS_FIELD == 751)
#if (OS_TARGET == OS_WIN)
unsigned int i, borrow = 0;
for (i = 0; i < NWORDS_FIELD; i++) {


@ -1,5 +1,9 @@
//*******************************************************************************************
// SIDH: an efficient supersingular isogeny cryptography library
// Copyright (c) Microsoft Corporation
//
// Website: https://github.com/microsoft/PQCrypto-SIDH
// Released under MIT license
//
// Abstract: field arithmetic in x64 assembly for P751 on Linux
//*******************************************************************************************


@ -1,10 +1,15 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: modular arithmetic optimized for 64-bit ARMv8 platforms for P751
*********************************************************************************************/
#include "../P751_internal.h"
#include "../../internal.h"
// Global constants
extern const uint64_t p751[NWORDS_FIELD];
@ -13,21 +18,21 @@ extern const uint64_t p751x2[NWORDS_FIELD];
extern const uint64_t p751x4[NWORDS_FIELD];
__inline void mp_sub751_p2(const digit_t* a, const digit_t* b, digit_t* c)
inline void mp_sub751_p2(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction with correction with 2*p, c = a-b+2p.
mp_sub751_p2_asm(a, b, c);
}
__inline void mp_sub751_p4(const digit_t* a, const digit_t* b, digit_t* c)
inline void mp_sub751_p4(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction with correction with 4*p, c = a-b+4p.
mp_sub751_p4_asm(a, b, c);
}
__inline void fpadd751(const digit_t* a, const digit_t* b, digit_t* c)
inline void fpadd751(const digit_t* a, const digit_t* b, digit_t* c)
{ // Modular addition, c = a+b mod p751.
// Inputs: a, b in [0, 2*p751-1]
// Output: c in [0, 2*p751-1]
@ -36,7 +41,7 @@ __inline void fpadd751(const digit_t* a, const digit_t* b, digit_t* c)
}
__inline void fpsub751(const digit_t* a, const digit_t* b, digit_t* c)
inline void fpsub751(const digit_t* a, const digit_t* b, digit_t* c)
{ // Modular subtraction, c = a-b mod p751.
// Inputs: a, b in [0, 2*p751-1]
// Output: c in [0, 2*p751-1]
@ -45,7 +50,7 @@ __inline void fpsub751(const digit_t* a, const digit_t* b, digit_t* c)
}
__inline void fpneg751(digit_t* a)
inline void fpneg751(digit_t* a)
{ // Modular negation, a = -a mod p751.
// Input/output: a in [0, 2*p751-1]
unsigned int i, borrow = 0;
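Review bot: These definitions are plain `inline` with neither `static` nor `extern`, so under C99/C11 inline semantics a translation unit emits an external symbol for mp_sub751_p2, fpadd751, fpsub751 and fpneg751 only if a non-inline prototype is also in scope; with the include switched from `../P751_internal.h` to `../../internal.h`, that prototype presumably now arrives through the generic declarations plus the `fpadd -> fpadd751`-style `#define` renames in P751.c, which only holds if this file is compiled by being `#include`d after those macros rather than as its own object. If that is the intended build model, pin it down next to the include with something like `// NOTE: compiled by inclusion from P751.c; relies on its name-mapping macros and the non-inline prototypes in internal.h`, and consider an `#ifndef NBITS_FIELD` / `#error` guard so a standalone compile fails loudly instead of linking without these symbols. fpneg751's body continues outside the hunk.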


@ -1,5 +1,9 @@
//*******************************************************************************************
// SIDH: an efficient supersingular isogeny cryptography library
// Copyright (c) Microsoft Corporation
//
// Website: https://github.com/microsoft/PQCrypto-SIDH
// Released under MIT license
//
// Abstract: field arithmetic in 64-bit ARMv8 assembly for P751 on Linux
//*******************************************************************************************


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: supersingular isogeny parameters and generation of functions for P751
*********************************************************************************************/
@ -29,10 +33,6 @@ const uint64_t p751x4[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFFC, 0xFFFFF
0x8FB25A1527E1E2A3, 0x6A566C684FDF31DB, 0x213A619F5BAFA1DB, 0x158AD41172C95D20, 0x384A427E5EEB719A, 0x0001BF975507DC70 };
const uint64_t p751p1[NWORDS64_FIELD] = { 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0xEEB0000000000000,
0xE3EC968549F878A8, 0xDA959B1A13F7CC76, 0x084E9867D6EBE876, 0x8562B5045CB25748, 0x0E12909F97BADC66, 0x00006FE5D541F71C };
const uint64_t p751x16p[2*NWORDS64_FIELD] = { 0x0000000000000010, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x2A00000000000000,
0x826D2F56C0F0EAE2, 0xAD4C9CBD81067123, 0xF62CF3052282F124, 0x53A95F7469B516FE, 0x3DADEC0D08A4732F, 0x58AD934557C11C7E,
0x7F731B89B2DA43F2, 0x51AE9F5F5F6AFF3B, 0xD74319A6C9BCA375, 0x5BAB790796CF84D4, 0xA421554FE2E49CA8, 0x20AD617C8DF437CF,
0x3AB06E7A12F5FF7B, 0x70A25E037E40347E, 0x51F1D323FB4C1151, 0xAE0D99AA4835FED9, 0xDF5429960D2536B6, 0x000000030E91D466 };
// Order of Alice's subgroup
const uint64_t Alice_order[NWORDS64_ORDER] = { 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0010000000000000 };
// Order of Bob's subgroup
@ -117,6 +117,10 @@ const unsigned int strat_Bob[MAX_Bob-1] = {
#define fp2correction fp2correction751
#define fp2mul_mont fp2mul751_mont
#define fp2sqr_mont fp2sqr751_mont
#define fp2mul_c0_mont fp2mul751_c0_mont
#define fp2mul_c1_mont fp2mul751_c1_mont
#define fp2sqr_c0_mont fp2sqr751_c0_mont
#define fp2sqr_c1_mont fp2sqr751_c1_mont
#define fp2inv_mont fp2inv751_mont
#define fp2inv_mont_bingcd fp2inv751_mont_bingcd
#define fpequal_non_constant_time fpequal751_non_constant_time


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: API header file for P751
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* Supersingular Isogeny Key Encapsulation Library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: supersingular isogeny parameters and generation of functions for P751_compressed
*********************************************************************************************/
@ -30,10 +34,6 @@ const uint64_t p751x4[NWORDS64_FIELD] = { 0xFFFFFFFFFFFFFFFC, 0xFFFFF
0x8FB25A1527E1E2A3, 0x6A566C684FDF31DB, 0x213A619F5BAFA1DB, 0x158AD41172C95D20, 0x384A427E5EEB719A, 0x0001BF975507DC70 };
const uint64_t p751p1[NWORDS64_FIELD] = { 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0xEEB0000000000000,
0xE3EC968549F878A8, 0xDA959B1A13F7CC76, 0x084E9867D6EBE876, 0x8562B5045CB25748, 0x0E12909F97BADC66, 0x00006FE5D541F71C };
const uint64_t p751x16p[2*NWORDS64_FIELD] = { 0x0000000000000010, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x2A00000000000000,
0x826D2F56C0F0EAE2, 0xAD4C9CBD81067123, 0xF62CF3052282F124, 0x53A95F7469B516FE, 0x3DADEC0D08A4732F, 0x58AD934557C11C7E,
0x7F731B89B2DA43F2, 0x51AE9F5F5F6AFF3B, 0xD74319A6C9BCA375, 0x5BAB790796CF84D4, 0xA421554FE2E49CA8, 0x20AD617C8DF437CF,
0x3AB06E7A12F5FF7B, 0x70A25E037E40347E, 0x51F1D323FB4C1151, 0xAE0D99AA4835FED9, 0xDF5429960D2536B6, 0x000000030E91D466 };
// Order of Alice's subgroup
const uint64_t Alice_order[NWORDS64_ORDER] = { 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0010000000000000 };
// Order of Bob's subgroup
@ -376,6 +376,10 @@ const uint64_t v_3_torsion[TABLE_V3_LEN][2 * NWORDS64_FIELD] =
#define fp2correction fp2correction751
#define fp2mul_mont fp2mul751_mont
#define fp2sqr_mont fp2sqr751_mont
#define fp2mul_c0_mont fp2mul751_c0_mont
#define fp2mul_c1_mont fp2mul751_c1_mont
#define fp2sqr_c0_mont fp2sqr751_c0_mont
#define fp2sqr_c1_mont fp2sqr751_c1_mont
#define fp2inv_mont fp2inv751_mont
#define fp2inv_mont_bingcd fp2inv751_mont_bingcd
#define fpequal_non_constant_time fpequal751_non_constant_time


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: API header file for P751 using compression
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: precomputed tables for Pohlig-Hellman when using compression
*********************************************************************************************/


@ -1,5 +1,9 @@
/**************************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: precomputed tables for pairing computation on E0: y^2 = x^3 + x when using compression
***************************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: internal header file for P751
*********************************************************************************************/
@ -208,9 +212,17 @@ void fp2correction751(f2elm_t a);
// GF(p751^2) squaring using Montgomery arithmetic, c = a^2 in GF(p751^2)
void fp2sqr751_mont(const f2elm_t a, f2elm_t c);
void fp2sqr751_c0_mont(const digit_t* a, digit_t* c);
void fp2sqr751_c0_asm(const digit_t* a, digit_t* c);
void fp2sqr751_c1_mont(const digit_t* a, digit_t* c);
void fp2sqr751_c1_asm(const digit_t* a, digit_t* c);
// GF(p751^2) multiplication using Montgomery arithmetic, c = a*b in GF(p751^2)
void fp2mul751_mont(const f2elm_t a, const f2elm_t b, f2elm_t c);
void fp2mul751_c0_mont(const digit_t* a, const digit_t* b, digit_t* c);
void fp2mul751_c0_asm(const digit_t* a, const digit_t* b, digit_t* c);
void fp2mul751_c1_mont(const digit_t* a, const digit_t* b, digit_t* c);
void fp2mul751_c1_asm(const digit_t* a, const digit_t* b, digit_t* c);
// GF(p751^2) inversion using Montgomery arithmetic, a = (a0-i*a1)/(a0^2+a1^2)
void fp2inv751_mont(f2elm_t a);
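Review bot: The new fp2sqr751_c0/c1 and fp2mul751_c0/c1 prototypes (both the `_mont` and `_asm` variants) have no caller for this parameter set, because the fast paths in fpx.c that use fp2sqr_c0_mont/fp2mul_c0_mont are gated with `NBITS_FIELD != 751`; unless P751 actually ships implementations of these routines, they are dead declarations that compile fine but leave an undefined reference the first time someone wires them in. Either drop them from the P751 header or mark the situation explicitly, e.g. `// NOTE: c0/c1 split routines are only used by fpx.c when NBITS_FIELD != 751; not implemented for P751` above the block, so the next reader does not assume a P751 MULX/ADX path exists.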


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: portable modular arithmetic for P751
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: Pohlig-Hellman with optimal strategy
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: pairing computation for compression
*********************************************************************************************/


@ -1,5 +1,9 @@
/*************************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: ephemeral supersingular isogeny Diffie-Hellman key exchange (SIDH) using compression
**************************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: supersingular isogeny key encapsulation (SIKE) protocol using compression
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: Torsion basis generation for compression
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: configuration file and platform-dependent macros
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: elliptic curve and isogeny functions
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: core functions over GF(p) and GF(p^2)
*********************************************************************************************/
@ -136,19 +140,27 @@ void copy_words(const digit_t* a, digit_t* c, const unsigned int nwords)
void fpmul_mont(const digit_t* ma, const digit_t* mb, digit_t* mc)
{ // Multiprecision multiplication, c = a*b mod p.
#if defined(_MULX_) && defined(_ADX_) && (OS_TARGET == OS_NIX) && (NBITS_FIELD != 751)
fpmul(ma, mb, mc);
#else
dfelm_t temp = {0};
mp_mul(ma, mb, temp, NWORDS_FIELD);
rdc_mont(temp, mc);
#endif
}
void fpsqr_mont(const digit_t* ma, digit_t* mc)
{ // Multiprecision squaring, c = a^2 mod p.
#if defined(_MULX_) && defined(_ADX_) && (OS_TARGET == OS_NIX) && (NBITS_FIELD != 751)
fpmul(ma, ma, mc);
#else
dfelm_t temp = {0};
mp_mul(ma, ma, temp, NWORDS_FIELD);
rdc_mont(temp, mc);
#endif
}
@ -215,7 +227,7 @@ void fp2correction(f2elm_t a)
inline static void mp_addfast(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision addition, c = a+b.
#if (OS_TARGET == OS_WIN) || defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM)
#if (OS_TARGET == OS_WIN) || defined(GENERIC_IMPLEMENTATION)
mp_add(a, b, c, NWORDS_FIELD);
@ -256,7 +268,14 @@ inline unsigned int mp_add(const digit_t* a, const digit_t* b, digit_t* c, const
void fp2sqr_mont(const f2elm_t a, f2elm_t c)
{ // GF(p^2) squaring using Montgomery arithmetic, c = a^2 in GF(p^2).
// Inputs: a = a0+a1*i, where a0, a1 are in [0, 2*p-1]
// Output: c = c0+c1*i, where c0, c1 are in [0, 2*p-1]
// Output: c = c0+c1*i, where c0, c1 are in [0, 2*p-1]
#if defined(_MULX_) && defined(_ADX_) && (OS_TARGET == OS_NIX) && (NBITS_FIELD != 751)
dfelm_t tt1;
fp2sqr_c0_mont(a[0], (digit_t*)tt1); // c0 = (a0+a1)(a0-a1)
fp2sqr_c1_mont(a[0], c[1]); // c1 = 2a0*a1
fpcopy((digit_t*)tt1, c[0]);
#else
felm_t t1, t2, t3;
mp_addfast(a[0], a[1], t1); // t1 = a0+a1
@ -264,6 +283,7 @@ void fp2sqr_mont(const f2elm_t a, f2elm_t c)
mp_addfast(a[0], a[0], t3); // t3 = 2a0
fpmul_mont(t1, t2, c[0]); // c0 = (a0+a1)(a0-a1)
fpmul_mont(t3, a[1], c[1]); // c1 = 2a0*a1
#endif
}
@ -280,7 +300,7 @@ inline unsigned int mp_sub(const digit_t* a, const digit_t* b, digit_t* c, const
inline static void mp_subaddfast(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction followed by addition with p*2^MAXBITS_FIELD, c = a-b+(p*2^MAXBITS_FIELD) if a-b < 0, otherwise c=a-b.
#if (OS_TARGET == OS_WIN) || defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM)
#if (OS_TARGET == OS_WIN) || defined(GENERIC_IMPLEMENTATION)
felm_t t1;
digit_t mask = 0 - (digit_t)mp_sub(a, b, c, 2*NWORDS_FIELD);
@ -288,7 +308,7 @@ inline static void mp_subaddfast(const digit_t* a, const digit_t* b, digit_t* c)
t1[i] = ((digit_t*)PRIME)[i] & mask;
mp_addfast((digit_t*)&c[NWORDS_FIELD], t1, (digit_t*)&c[NWORDS_FIELD]);
#elif (OS_TARGET == OS_NIX)
#elif (OS_TARGET == OS_NIX) && (TARGET == TARGET_ARM64 || NBITS_FIELD == 751)
mp_subaddx2_asm(a, b, c);
@ -298,12 +318,12 @@ inline static void mp_subaddfast(const digit_t* a, const digit_t* b, digit_t* c)
inline static void mp_dblsubfast(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction, c = c-a-b, where lng(a) = lng(b) = 2*NWORDS_FIELD.
#if (OS_TARGET == OS_WIN) || defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM)
#if (OS_TARGET == OS_WIN) || defined(GENERIC_IMPLEMENTATION)
mp_sub(c, a, c, 2*NWORDS_FIELD);
mp_sub(c, b, c, 2*NWORDS_FIELD);
#elif (OS_TARGET == OS_NIX)
#elif (OS_TARGET == OS_NIX) && (TARGET == TARGET_ARM64 || NBITS_FIELD == 751)
mp_dblsubx2_asm(a, b, c);
@ -315,6 +335,13 @@ void fp2mul_mont(const f2elm_t a, const f2elm_t b, f2elm_t c)
{ // GF(p^2) multiplication using Montgomery arithmetic, c = a*b in GF(p^2).
// Inputs: a = a0+a1*i and b = b0+b1*i, where a0, a1, b0, b1 are in [0, 2*p-1]
// Output: c = c0+c1*i, where c0, c1 are in [0, 2*p-1]
#if defined(_MULX_) && defined(_ADX_) && (OS_TARGET == OS_NIX) && (NBITS_FIELD != 751)
felm_t t1;
fp2mul_c0_mont(a[0], b[0], t1); // c0 = a0*b0 - a1*b1
fp2mul_c1_mont(a[0], b[0], c[1]); // c1 = a0*b1 + a1*b0
fpcopy(t1, c[0]);
#else
felm_t t1, t2;
dfelm_t tt1, tt2, tt3;
@ -325,8 +352,9 @@ void fp2mul_mont(const f2elm_t a, const f2elm_t b, f2elm_t c)
mp_mul(t1, t2, tt3, NWORDS_FIELD); // tt3 = (a0+a1)*(b0+b1)
mp_dblsubfast(tt1, tt2, tt3); // tt3 = (a0+a1)*(b0+b1) - a0*b0 - a1*b1
mp_subaddfast(tt1, tt2, tt1); // tt1 = a0*b0 - a1*b1 + p*2^MAXBITS_FIELD if a0*b0 - a1*b1 < 0, else tt1 = a0*b0 - a1*b1
rdc_mont(tt3, c[1]); // c[1] = (a0+a1)*(b0+b1) - a0*b0 - a1*b1
rdc_mont(tt1, c[0]); // c[0] = a0*b0 - a1*b1
rdc_mont(tt3, c[1]); // c1 = (a0+a1)*(b0+b1) - a0*b0 - a1*b1
rdc_mont(tt1, c[0]); // c0 = a0*b0 - a1*b1
#endif
}
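Review bot: A Linux x64 build of p434/p503/p610 compiled without both `_MULX_` and `_ADX_` now matches no branch of the `#if` chain in mp_subaddfast and mp_dblsubfast (the first branch wants OS_WIN or GENERIC_IMPLEMENTATION, the `#elif` now wants ARM64 or NBITS_FIELD == 751), yet that is exactly the configuration in which fp2mul_mont's `#else` path still calls both helpers; if each chain ends in a bare `#endif` (the closing lines are outside the hunk) those calls become empty functions and GF(p^2) multiplication silently returns wrong values instead of failing to build. Closing each chain with `#else` / `#error "no mp_subaddfast/mp_dblsubfast implementation for this target"` / `#endif`, or enforcing the same MULX/ADX requirement in the build, turns that into a compile error. On a smaller point, fp2sqr_mont's fast path declares `dfelm_t tt1` for a result that is copied out with fpcopy as a single felm_t, while the parallel code in fp2mul_mont uses `felm_t t1`; if fp2sqr_c0_asm genuinely needs a double-length output buffer as scratch, a comment should say so, otherwise `felm_t` keeps the two consistent.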


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: internal header file for function definitions
*********************************************************************************************/


@ -21,7 +21,7 @@
static inline void delay(unsigned int count)
{
while (count--) {}
while (count>0) { count--; }
}
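Review bot: Neither form of this loop has an observable side effect, so an optimizing compiler is entitled to delete it and `delay()` returns immediately; the rewrite to `while (count>0) { count--; }` changes nothing about that, it only drops the post-decrement idiom. If this is meant as a busy-wait back-off (the caller is not visible here), make the counter `volatile` so the decrements must actually be performed, e.g. `volatile unsigned int n = count; while (n > 0) { n--; }`, or better, use a real sleep primitive. A one-line comment stating why a delay is wanted at all would also help the next reader.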


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: ephemeral supersingular isogeny Diffie-Hellman key exchange (SIDH)
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: supersingular isogeny key encapsulation (SIKE) protocol
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: testing code for field arithmetic, elliptic curve and isogeny functions
*********************************************************************************************/
@ -12,12 +16,12 @@
// Benchmark and test parameters
#if defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM)
#if defined(GENERIC_IMPLEMENTATION) || (OS_TARGET == OS_WIN) || (TARGET == TARGET_ARM)
#define BENCH_LOOPS 100 // Number of iterations per bench
#define SMALL_BENCH_LOOPS 100 // Number of iterations per bench
#define TEST_LOOPS 10 // Number of iterations per test
#else
#define BENCH_LOOPS 100000
#define BENCH_LOOPS 1000000
#define SMALL_BENCH_LOOPS 10000
#define TEST_LOOPS 100
#endif
@ -350,7 +354,6 @@ bool fp_run()
int n;
unsigned long long cycles, cycles1, cycles2;
felm_t a, b, c;
dfelm_t aa;
printf("\n--------------------------------------------------------------------------------------------------------\n\n");
printf("Benchmarking field arithmetic over GF(p434): \n\n");
@ -393,20 +396,6 @@ bool fp_run()
printf(" GF(p) multiplication runs in .................................... %7lld ", cycles/BENCH_LOOPS); print_unit;
printf("\n");
// GF(p) reduction using p434
cycles = 0;
for (n=0; n<BENCH_LOOPS; n++)
{
mp_mul(a, b, aa, NWORDS_FIELD);
cycles1 = cpucycles();
rdc_mont(aa, c);
cycles2 = cpucycles();
cycles = cycles+(cycles2-cycles1);
}
printf(" GF(p) reduction runs in ......................................... %7lld ", cycles/BENCH_LOOPS); print_unit;
printf("\n");
// GF(p) inversion
cycles = 0;
for (n=0; n<SMALL_BENCH_LOOPS; n++)


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: testing code for field arithmetic, elliptic curve and isogeny functions
*********************************************************************************************/
@ -12,12 +16,12 @@
// Benchmark and test parameters
#if defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM)
#if defined(GENERIC_IMPLEMENTATION) || (OS_TARGET == OS_WIN) || (TARGET == TARGET_ARM)
#define BENCH_LOOPS 100 // Number of iterations per bench
#define SMALL_BENCH_LOOPS 100 // Number of iterations per bench
#define TEST_LOOPS 10 // Number of iterations per test
#else
#define BENCH_LOOPS 100000
#define BENCH_LOOPS 1000000
#define SMALL_BENCH_LOOPS 10000
#define TEST_LOOPS 100
#endif
@ -350,7 +354,6 @@ bool fp_run()
int n;
unsigned long long cycles, cycles1, cycles2;
felm_t a, b, c;
dfelm_t aa;
printf("\n--------------------------------------------------------------------------------------------------------\n\n");
printf("Benchmarking field arithmetic over GF(p503): \n\n");
@ -393,20 +396,6 @@ bool fp_run()
printf(" GF(p) multiplication runs in .................................... %7lld ", cycles/BENCH_LOOPS); print_unit;
printf("\n");
// GF(p) reduction using p503
cycles = 0;
for (n=0; n<BENCH_LOOPS; n++)
{
mp_mul(a, b, aa, NWORDS_FIELD);
cycles1 = cpucycles();
rdc_mont(aa, c);
cycles2 = cpucycles();
cycles = cycles+(cycles2-cycles1);
}
printf(" GF(p) reduction runs in ......................................... %7lld ", cycles/BENCH_LOOPS); print_unit;
printf("\n");
// GF(p) inversion
cycles = 0;
for (n=0; n<SMALL_BENCH_LOOPS; n++)


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: testing code for field arithmetic, elliptic curve and isogeny functions
*********************************************************************************************/
@ -12,12 +16,12 @@
// Benchmark and test parameters
#if defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM)
#if defined(GENERIC_IMPLEMENTATION) || (OS_TARGET == OS_WIN) || (TARGET == TARGET_ARM)
#define BENCH_LOOPS 100 // Number of iterations per bench
#define SMALL_BENCH_LOOPS 100 // Number of iterations per bench
#define TEST_LOOPS 10 // Number of iterations per test
#else
#define BENCH_LOOPS 100000
#define BENCH_LOOPS 1000000
#define SMALL_BENCH_LOOPS 10000
#define TEST_LOOPS 100
#endif
@ -351,7 +355,6 @@ bool fp_run()
int n;
unsigned long long cycles, cycles1, cycles2;
felm_t a, b, c;
dfelm_t aa;
printf("\n--------------------------------------------------------------------------------------------------------\n\n");
printf("Benchmarking field arithmetic over GF(p610): \n\n");
@ -394,20 +397,6 @@ bool fp_run()
printf(" GF(p) multiplication runs in .................................... %7lld ", cycles/BENCH_LOOPS); print_unit;
printf("\n");
// GF(p) reduction using p610
cycles = 0;
for (n=0; n<BENCH_LOOPS; n++)
{
mp_mul(a, b, aa, NWORDS_FIELD);
cycles1 = cpucycles();
rdc_mont(aa, c);
cycles2 = cpucycles();
cycles = cycles+(cycles2-cycles1);
}
printf(" GF(p) reduction runs in ......................................... %7lld ", cycles/BENCH_LOOPS); print_unit;
printf("\n");
// GF(p) inversion
cycles = 0;
for (n=0; n<SMALL_BENCH_LOOPS; n++)


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: testing code for field arithmetic, elliptic curve and isogeny functions
*********************************************************************************************/
@ -12,12 +16,12 @@
// Benchmark and test parameters
#if defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM)
#if defined(GENERIC_IMPLEMENTATION) || (OS_TARGET == OS_WIN) || (TARGET == TARGET_ARM)
#define BENCH_LOOPS 100 // Number of iterations per bench
#define SMALL_BENCH_LOOPS 100 // Number of iterations per bench
#define TEST_LOOPS 10 // Number of iterations per test
#else
#define BENCH_LOOPS 100000
#define BENCH_LOOPS 1000000
#define SMALL_BENCH_LOOPS 10000
#define TEST_LOOPS 100
#endif


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: benchmarking/testing isogeny-based key exchange SIDHp434
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: benchmarking/testing isogeny-based key exchange SIDHp434_compressed
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: benchmarking/testing isogeny-based key exchange SIDHp503
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: benchmarking/testing isogeny-based key exchange SIDHp503_compressed
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: benchmarking/testing isogeny-based key exchange SIDHp610
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: benchmarking/testing isogeny-based key exchange SIDHp610_compressed
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: benchmarking/testing isogeny-based key exchange SIDHp751
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: benchmarking/testing isogeny-based key exchange SIDHp751_compressed
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: benchmarking/testing isogeny-based key encapsulation mechanism SIKEp434
*********************************************************************************************/


@ -1,5 +1,9 @@
/**********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: benchmarking/testing isogeny-based key encapsulation mechanism SIKEp434_compressed
***********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: benchmarking/testing isogeny-based key encapsulation mechanism SIKEp503
*********************************************************************************************/


@ -1,5 +1,9 @@
/**********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: benchmarking/testing isogeny-based key encapsulation mechanism SIKEp503_compressed
***********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: benchmarking/testing isogeny-based key encapsulation mechanism SIKEp610
*********************************************************************************************/


@ -1,5 +1,9 @@
/**********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: benchmarking/testing isogeny-based key encapsulation mechanism SIKEp610_compressed
***********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: benchmarking/testing isogeny-based key encapsulation mechanism SIKEp751
*********************************************************************************************/


@ -1,5 +1,9 @@
/**********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: benchmarking/testing isogeny-based key encapsulation mechanism SIKEp751_compressed
***********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: utility functions for testing and benchmarking
*********************************************************************************************/


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: utility header file for tests
*********************************************************************************************/


@ -1,16 +1,20 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: benchmarking/testing isogeny-based key exchange
*********************************************************************************************/
// Benchmark and test parameters
#if defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM)
#if defined(GENERIC_IMPLEMENTATION) || (OS_TARGET == OS_WIN) || (TARGET == TARGET_ARM)
#define BENCH_LOOPS 5 // Number of iterations per bench
#define TEST_LOOPS 5 // Number of iterations per test
#else
#define BENCH_LOOPS 100
#define BENCH_LOOPS 1000
#define TEST_LOOPS 10
#endif
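Review bot: The `(OS_TARGET == OS_WIN)` term added to the `#if` at the top of the benchmark/test parameter block only works if both macros are already defined when this header is included; in a `#if` an undefined identifier evaluates to 0, so an include order that omits the project's configuration header makes `0 == 0` true and silently drops BENCH_LOOPS and TEST_LOOPS to 5 on every platform (the pre-existing `TARGET == TARGET_ARM` term has the same failure mode). A guard placed before the block would make that misconfiguration loud instead of quietly weakening the test: `#if !defined(OS_TARGET) || !defined(OS_WIN) || !defined(TARGET)` / `#error "OS_TARGET/TARGET must be defined before this header (include the config header first)"` / `#endif`. The tenfold bump from `BENCH_LOOPS 100` to `BENCH_LOOPS 1000` also deserves a one-line comment explaining the intent (e.g. `// 1000 iterations for stable cycle counts on x64; reduced to 5 on generic/Windows/ARM builds`), since the 5-vs-1000 split otherwise reads like a typo. Whether the hunk shown here is the complete one is not certain from the rendered view, so the guard may belong wherever the file's includes end.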


@ -1,5 +1,9 @@
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
* Copyright (c) Microsoft Corporation
*
* Website: https://github.com/microsoft/PQCrypto-SIDH
* Released under MIT license
*
* Abstract: benchmarking/testing isogeny-based key encapsulation mechanism
*********************************************************************************************/
@ -13,17 +17,17 @@
#ifdef DO_VALGRIND_CHECK
#define TEST_LOOPS 1
#else
#if defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM)
#if defined(GENERIC_IMPLEMENTATION) || (OS_TARGET == OS_WIN) || (TARGET == TARGET_ARM)
#define TEST_LOOPS 5 // Number of iterations per test
#else
#define TEST_LOOPS 10
#endif
#endif
#if defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM)
#if defined(GENERIC_IMPLEMENTATION) || (OS_TARGET == OS_WIN) || (TARGET == TARGET_ARM)
#define BENCH_LOOPS 5 // Number of iterations per bench
#else
#define BENCH_LOOPS 100
#define BENCH_LOOPS 1000
#endif