add generic constant time multi-exp for ECDH #100

issue gmaxwell openend this issue on November 12, 2014
  1. gmaxwell commented at 6:18 am on November 12, 2014: contributor

    There should be a public interface offering a constant-time generic multiexp, e.g. out_point = s1_P1 + s2_P2 + … + sn*Pn, for use in ECDH and ECDH with forward secrecy. (unless there is some speedup I’m not thinking of which only works for the non-multiexp case).

    Maybe API wise it could split precomputation and the multiply, for applications where points are reused? e.g. pass in a set of precomputed tables?

  2. sipa assigned sipa on Nov 18, 2014
  3. gmaxwell added the label enhancement on Jan 11, 2015
  4. Kagami commented at 3:05 pm on January 13, 2015: none
    :+1: It would be very nice to have ECDH.
  5. sipa commented at 5:19 am on November 28, 2016: contributor
    Fixed by #252.
  6. sipa closed this on Nov 28, 2016


gmaxwell Kagami sipa

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin-core/secp256k1. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-11-22 06:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me