I've fixed up the 256-bit arithmetic to run on Linux; the arithmetic and curve arithmetic tests pass, at least. The assembly code has a few extra instructions at the top of each function to adjust the arguments to the correct calling convention, so there may be a slight slowdown compared to the original.
Here are the results on Sandy Bridge, compiled with gcc-4.8 -O3 -march=corei7-avx:

> TESTING
> --------------------------------------------------------------------------------------------------------
>
> Curve arithmetic: Weierstrass a=-3 over GF(2^256-189)
>
> Point doubling tests .................................................................... PASSED
> (Complete) point addition tests ......................................................... PASSED
> Variable-base scalar multiplication tests ............................................... PASSED
> Fixed-base scalar multiplication tests .................................................. PASSED
> Double-scalar multiplication tests ...................................................... PASSED
>
> --------------------------------------------------------------------------------------------------------
>
> Curve arithmetic: twisted Edwards a=-1 over GF(2^256-189)
>
> Point doubling tests .................................................................... PASSED
> Point addition tests .................................................................... PASSED
> Variable-base scalar multiplication tests ............................................... PASSED
> Fixed-base scalar multiplication tests .................................................. PASSED
> Double-scalar multiplication tests ...................................................... PASSED
>
>
> BENCHMARKING
> --------------------------------------------------------------------------------------------------------
>
> Curve arithmetic: Weierstrass a=-3 over GF(2^256-189)
>
> Point doubling runs in .......................................... 692 cycles
> (Complete) point addition runs in ............................... 1800 cycles
> Variable-base scalar mul runs in ................................ 283459 cycles
> Fixed-base scalar mul (memory model=MEM_LARGE) runs in .......... 110170 cycles
> Double-base scalar mul (memory model=MEM_LARGE) runs in ......... 308682 cycles
>
> --------------------------------------------------------------------------------------------------------
>
> Curve arithmetic: twisted Edwards a=-1 over GF(2^256-189)
>
> Point doubling runs in .......................................... 561 cycles
> (Complete) point addition runs in ............................... 937 cycles
> Variable-base scalar mul runs in ................................ 229518 cycles
> Fixed-base scalar mul (memory model=MEM_LARGE) runs in .......... 84654 cycles
> Double-base scalar mul (memory model=MEM_LARGE) runs in ......... 242049 cycles

_______________________________________________
Curves mailing list
[email protected]
https://moderncrypto.org/mailman/listinfo/curves
