WIP: Internal bignum #61
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- In secp256k1_gej_split_exp, there are two divisions used. Since the denominator is a constant known at compile-time, each can be replaced by a multiplication followed by a right-shift (and rounding). - Add the constants g1, g2 for this purpose and rewrite secp256k1_gej_split_exp accordingly. - Remove secp256k1_num_div since no longer used
For now libgmp is still required for modulo.
Contributor
Author
|
This was a pretty nasty hack-job. Better to start over if this is desired again later. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a work-in-progress. I'm not sure how performance will stack up with the others, so I figure it's worth some high-level discussion before continuing. The formatting is sloppy, error checking is needed, and unit tests need to be added. The implementation is naive, but the results were better than I expected. Passes all current tests.
At this point, everything is implemented except for modulo. I've pulled in #59 and #21 to avoid some of the more complication operations upfront. For modulo, libgmp is still required. Obviously this is temporary.
To keep things simple, everything is stack-allocated. No vla's. The largest unsigned type is used as the base. This ensures compatibility across all platforms. I've verified that linux x86 and x64 both work as intended. For now, the radix must match what libgmp uses (unsigned long). Once the missing operations are added, any size should work.
There are some easy optims that could be added, but I've held off for the most part. Using int128 simplifies many operations, but it may be worth splitting that out into a separate implementation.
Early results (keeping in mind that libgmp's modulo is still being used)
x86_64 64bit_asm as a baseline, using 'bench' as a naive benchmark:
80% of libgmp's bignum
2x faster than openssl
After some profiling and optimizing, I'm hoping it will be able to be in the same ball-park as libgmp. Also, from a bignum perspective, there are several changes that could be made to the internal api afterwards to speed things up.