Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add fast iterated point doubling #4221

Merged
merged 1 commit into from
Jul 17, 2024
Merged

Add fast iterated point doubling #4221

merged 1 commit into from
Jul 17, 2024

Conversation

randombit
Copy link
Owner

@randombit randombit commented Jul 16, 2024
edited
Loading

Improves ECDH performance for curves with A == -3 by 5-9%

#4027

@coveralls
Copy link

coveralls commented Jul 16, 2024
edited
Loading

Coverage Status

coverage: 91.717% (-0.005%) from 91.722%
when pulling b5a922f on jack/fast-dbl-n
into 73851ff on master.

reneme
reneme approved these changes Jul 17, 2024
View reviewed changes
src/lib/math/pcurves/pcurves_impl/pcurves_impl.h
Comment on lines 707 to +701
constexpr Self dbl_n(size_t n) const {
// TODO it is possible to optimize this by carrying over values from
// the previous iteration into the next
if constexpr(Self::A_is_minus_3) {
Copy link
Collaborator

@reneme reneme Jul 17, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In case you want to express this as a good-old function overload, I think you could do this:

constexpr Self dbl_n(size_t n const)
   requires(Self::A_is_minus_3)
{
   // ...
}

constexpr Self dbl_n(size_t n const)
   requires(!Self::A_is_minus_3)
{
   // ...
}

... to avoid the if constexpr spanning the entirety of the function. No strong opinion on what is more idiomatic from my side. But, I generally think, the less indentation the better.

Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I expect in the future this will expand to cover other types of curves (A == 0 and/or generic A) in which case the single function will be cleaner.

src/lib/math/pcurves/pcurves_impl/pcurves_impl.h Outdated Show resolved Hide resolved
src/lib/math/pcurves/pcurves_impl/pcurves_impl.h
Comment on lines +722 to +723
auto nx = x();
auto ny = y();
auto nz = z();
ny = ny.mul2();
auto w = nz.square().square();
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does it make sense to early-return on n == 0?

Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not really in practice - we call this with n derived from window sizes so n is always > 0

src/lib/math/pcurves/pcurves_impl/pcurves_impl.h Outdated Show resolved Hide resolved
@randombit
Add fast iterated point doubling
b5a922f 
Improves ECDH performance for curves with A == -3 by 5-9%
@randombit randombit merged commit 50b368a into master Jul 17, 2024
39 checks passed
@randombit randombit deleted the jack/fast-dbl-n branch July 17, 2024 13:27
@randombit randombit mentioned this pull request Jul 19, 2024
Open
20 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@reneme reneme reneme approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@randombit @coveralls @reneme