I would like to introduce a remarkable implementation of an x25519 and ed25519 library. The sources are hosted at: https://github.com/msotoodeh/curve25519
The code is experimental but rather stable. It is compact, portable and uses simple design logic. On the security front, it employs several measures for side-channel security.

But the most remarkable feature is speed. This library sets new speed records. It uses a new technique I call FOLDING to achieve this goal. FOLDING chops the scalar multiplier into n pieces (or folds) and operates on the folds simultaneously, reducing the number of point operations by a factor of 4 or 8. For example, an ed25519 signature takes 31 point doublings and 31 point additions. Folding uses pre-calculated tables: 1.5 KB for 4-fold and 24 KB for 8-fold. The total cost of pre- and post-calculation is comparable with windowed implementations (when the window size is equal to the number of folds).

I welcome your comments and appreciate your expert opinion on this library.

Regards,
Mehdi Sotoodeh.
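An added example, not part of the original message and not the library's code: one way to realise the folding described above, assuming the folds are combined comb-style, with bit i of every fold forming the index into one precomputed table. The function names, the affine point arithmetic and the 2^folds table layout are assumptions made for illustration.

```python
# Added illustration, not library code; variable-time, shows operation counts only.
P = 2**255 - 19
D = -121665 * pow(121666, -1, P) % P      # edwards25519 curve constant d
BITS, IDENTITY = 256, (0, 1)

def base_point():
    """Ed25519 base point: y = 4/5, x = the even root of (y^2-1)/(d*y^2+1)."""
    y = 4 * pow(5, -1, P) % P
    x2 = (y * y - 1) * pow(D * y * y + 1, -1, P) % P
    x = pow(x2, (P + 3) // 8, P)
    if x * x % P != x2:
        x = x * pow(2, (P - 1) // 4, P) % P
    return (x if x % 2 == 0 else P - x, y)

def add(p, q):
    """Complete twisted Edwards addition (a = -1); doubling is add(p, p)."""
    (x1, y1), (x2, y2) = p, q
    t = D * x1 * x2 * y1 * y2 % P
    return ((x1 * y2 + x2 * y1) * pow(1 + t, -1, P) % P,
            (y1 * y2 + x1 * x2) * pow(1 - t, -1, P) % P)

def double_and_add(k, pt):                # bit-by-bit reference, 256 doublings
    acc = IDENTITY
    for i in reversed(range(BITS)):
        acc = add(acc, acc)
        acc = add(acc, pt) if (k >> i) & 1 else acc
    return acc

def build_table(pt, folds):
    """table[m] = sum of 2^(j*width)*pt over the set bits j of m (2^folds entries)."""
    width = BITS // folds
    bases = [double_and_add(1 << (j * width), pt) for j in range(folds)]
    table = [IDENTITY]
    for m in range(1, 1 << folds):
        low = m & -m                      # lowest set bit of m
        table.append(add(table[m ^ low], bases[low.bit_length() - 1]))
    return table

def folded_mul(k, table, folds):
    """Return (k*pt, steps); each step is one doubling plus one table addition."""
    width, acc, steps = BITS // folds, None, 0
    for i in reversed(range(width)):
        # Bit i of every fold forms one table index (a "column" of the scalar).
        idx = sum(((k >> (j * width + i)) & 1) << j for j in range(folds))
        if acc is None:                   # top column: plain table load
            acc = table[idx]
        else:
            acc, steps = add(add(acc, acc), table[idx]), steps + 1
    return acc, steps
```

With 8 folds of a 256-bit scalar, `folded_mul` performs 31 doublings and 31 additions after the initial table load, using a 256-entry table; with 4 folds it performs 63 of each using 16 entries.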
