t...@gmplib.org (Torbjörn Granlund) writes:
> In the side-channel silent GMP mpn_sec_powm we compute a table of powers
> of the base B, from B^0 to B^k-1 for some table size k.
[...]
> I.e., for even powers we do a squaring, while for odd numbers we do like
> before.
That's a nice (and likely old) trick. I'm pretty sure I've seen it
before. Hmm, I do precisely that in the table precomputation in the
corresponding code for ecc scalar multiplication, main loop being
for (j = 2; j < size; j += 2)
{
ecc_dup_jj (ecc, TABLE(j), TABLE(j/2), scratch);
ecc_add_jja (ecc, TABLE(j+1), TABLE(j), TABLE(1), scratch);
}
Regards,
/Niels
--
Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677.
Internet email is subject to wholesale government surveillance.
_______________________________________________
gmp-devel mailing list
gmp-devel@gmplib.org
https://gmplib.org/mailman/listinfo/gmp-devel
