Constant-time code on POWER9 #771

issue real-or-random openend this issue on July 24, 2020
  1. real-or-random commented at 10:27 pm on July 24, 2020: contributor

    GCC 9.2.1 on POWER9 emits a lot of branches for carries in the 32-bit scalar code. :( The issue seems to be similar to the one in the ECDH code. Those comparisons aren’t reliably turned into constant time assembly.

    Originally posted by @gmaxwell in #708 (comment)

  2. real-or-random commented at 10:27 pm on July 24, 2020: contributor
    See also http://gnusha.org/secp256k1/2020-01-11.log at 11:29 and 11:37
  3. real-or-random cross-referenced this on Jul 24, 2020 from issue Improve constant-timeness on PowerPC by real-or-random
  4. real-or-random referenced this in commit 10a4b2b34a on Jul 26, 2020
  5. real-or-random referenced this in commit 5b196338f0 on Jul 26, 2020
  6. real-or-random closed this on Jul 28, 2020

  7. real-or-random referenced this in commit 214cb3c321 on Jul 28, 2020
  8. real-or-random cross-referenced this on Dec 3, 2021 from issue -Wunused-parameter warnings when cross-compiling for riscv64-linux-gnu by hebasto


real-or-random


github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin-core/secp256k1. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-10-30 01:15 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me