Comments (7)
andres-erbsen
commented on September 27, 2024
Or maybe we are mistaken to assume base b=2. Following HAC 14.42 as the code suggests, b=256, k=32 would make sense as well, and satisfy b^(k-1) < n < b^k.
from fiat-crypto.
JasonGross
commented on September 27, 2024
Oh, hrm, interesting. I don't think I have anything that relies on b = 2, so it should be easy to generalize to any b > 1. The computation is q = (mu * (a >> (256 - 32)) >> (256 + 32)?
from fiat-crypto.
andres-erbsen
commented on September 27, 2024
The guess I have with b=256=2^8 would give 256^(32-1) = 2^(256-8) and 256^(32+1) = 2^(256+8), so q = (mu * (a >> (256 - 8)) >> (256 + 8).
from fiat-crypto.
JasonGross
commented on September 27, 2024
Ugh, why are there so many variations on Barrett Reduction. Not only does this version split apart the shifts, it also does reduction modulo b^(k+1) early (which might be where the possibility of negative values comes from).
from fiat-crypto.
JasonGross
commented on September 27, 2024
@andres-erbsen Is it acceptable to replace
(3) If
r < 0thenr ← r + bᵏ⁺¹
with
(3) r ← r mod bᵏ⁺¹
? I think this would make the proofs much easier, and it seems like, by choosing k and b carefully with respect to the machine word size, you get this for free.
from fiat-crypto.
JasonGross
commented on September 27, 2024
What needs to be done to complete this, on top of #69?
from fiat-crypto.
JasonGross
commented on September 27, 2024
Closed by #77.
from fiat-crypto.
Related Issues (20)
- Difficulty adding a rewrite rule HOT 9
- Types for `strict` and `loose` field elements should prevent misuse HOT 1
- Build should not depend on git HOT 1
- Consider libsecp256k1 "magnitude" semantics instead of tight and loose bounds
- src/Bedrock/Field/Common/Util.v broken HOT 3
- Rust: `no_std` is broken due to use of `std::ops`
- Using word_by_word_montgomery with one-word prime modulus HOT 1
- Consider to replace Stdlib by Prevasives HOT 1
- Please create a tag for Coq 8.18 in Coq Platform 2023.10 HOT 10
- standalone-javascript with js_of_ocaml?
- Generate single binary for all synthesis
- Upload universal binaries for MacOS HOT 2
- Test install target on CI
- README should link to latest standalone binaries on release page
- Avoid running out of stack in js_of_ocaml code
- Installation problems on Arch Linux: Package `coq-core.plugins.ltac' not found HOT 5
- Mask most significant bit in from_bytes HOT 2
- Change fiat_25519_opp to return a tight? HOT 1
- Please create a tag for Coq 8.19 in Coq Platform 2024.01 HOT 15
- Slow BarrettReduction?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fiat-crypto.