Enforce and use r != b for field multiplication #124

Pull request: sipa wants to merge 2 commits into bitcoin-core:master from sipa:restrictb (changing 9 files, +69 −63)
  1. sipa commented at 6:46 PM on November 30, 2014: contributor

    This was suggested by Peter Dettman, results in a 1.7% speedup (when compiled with --field=64bit --enable-endomorphism CFLAGS=-O3), and could simplify assembly implementations.

  2. sipa force-pushed on Nov 30, 2014
  3. sipa force-pushed on Nov 30, 2014
  4. sipa commented at 8:41 PM on November 30, 2014: contributor

    @gmaxwell Moved the SECP256K1_RESTRICT macro to util.h (I don't think we should be using it in the external interface anyway), and made it into a dummy if building with VERIFY.

    I did catch errors with the code as it was, though, so GCC isn't smart enough to compile a "if (r != b)" check away, even with a restrict on b.

  5. Require that r and b are different for field multiplication.
    Suggested by Peter Dettman, this prepares for slightly faster multiplication
    which writes results immediately to r before finishing reading b.
    be82e92fc4
  6. Make secp256k1_fe_mul_inner use the r != property
    Suggested by Peter Dettman.
    4d4eeea4ac
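The aliasing hazard behind the r != b requirement, as an added example that is not code from this PR or from libsecp256k1: a toy product-scanning multiply over four hypothetical 26-bit limbs that stores each result limb as soon as its column is complete, a VERIFY-time check standing in for `restrict` (as the PR does when building with VERIFY), and a caller-side temporary for the case where an in-place product is wanted. All function and macro names are assumptions of this example.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Toy 4-limb integer, each limb holding 26 bits (hypothetical cut-down of a
 * 26-bit-limb layout, chosen so every column sum fits in a uint64_t).
 * The product is truncated to 4 limbs; there is no field reduction here,
 * the point is purely the operand/result aliasing. */
#define LIMBS 4
#define MASK26 0x3FFFFFFUL

/* Product-scanning multiply that stores r[i] as soon as column i is done.
 * a is latched into locals first, so r == a is fine; b is re-read from memory
 * for every column, so r == b is NOT: the store to r[0] clobbers b[0] before
 * columns 1..3 read it. This is why the PR requires r != b. */
static void fe_mul_early_store(uint32_t *r, const uint32_t *a, const uint32_t *b) {
    uint64_t a0 = a[0], a1 = a[1], a2 = a[2], a3 = a[3];
    uint64_t c;
#ifdef VERIFY
    if (r == b) { fprintf(stderr, "fe_mul_early_store: r must not alias b\n"); abort(); }
#endif
    c = a0 * b[0];
    r[0] = (uint32_t)(c & MASK26); c >>= 26;          /* b[0] is now lost if r == b */
    c += a0 * b[1] + a1 * b[0];
    r[1] = (uint32_t)(c & MASK26); c >>= 26;
    c += a0 * b[2] + a1 * b[1] + a2 * b[0];
    r[2] = (uint32_t)(c & MASK26); c >>= 26;
    c += a0 * b[3] + a1 * b[2] + a2 * b[1] + a3 * b[0];
    r[3] = (uint32_t)(c & MASK26);
}

/* Caller-side fix when the result must overwrite b: multiply from a copy. */
static void fe_mul_safe(uint32_t *r, const uint32_t *a, const uint32_t *b) {
    uint32_t tmp[LIMBS];
    memcpy(tmp, b, sizeof(tmp));
    fe_mul_early_store(r, a, tmp);
}

/* Computes a*b with r aliased to a (which == 0) or to b (which == 1) and
 * returns 1 if the result equals the correctly computed product. */
static int alias_matches(int which) {
    uint32_t a[LIMBS] = {2, 3, 0, 0};   /* constructed sample operands */
    uint32_t b[LIMBS] = {1, 1, 0, 0};   /* correct product: {2, 5, 3, 0} */
    uint32_t good[LIMBS];
    fe_mul_safe(good, a, b);
    if (which) fe_mul_early_store(b, a, b); else fe_mul_early_store(a, a, b);
    return memcmp(good, which ? b : a, sizeof(good)) == 0;
}
```

With r == b the routine returns {2, 8, 24, 72} instead of {2, 5, 3, 0}, because each column after the first reads the freshly stored result limb in place of the original b limb.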
  7. sipa force-pushed on Dec 1, 2014
  8. gmaxwell commented at 2:27 PM on December 2, 2014: contributor

    ACK

  9. sipa merged this on Dec 2, 2014
  10. sipa closed this on Dec 2, 2014

  11. sipa referenced this in commit 276f987d70 on Dec 2, 2014

This is a metadata mirror of the GitHub repository bitcoin-core/secp256k1. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-14 11:15 UTC
