yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-03-24 22:25:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add another option to reduce EC memory usage

Browse source 
Also document speed/memory trade-offs better.
This commit is contained in:
Manuel Pégourié-Gonnard 2013-12-30 18:41:16 +01:00
parent 70896a023e
commit 9e4191c3e7
3 changed files with 31 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
include/polarssl/config.h
View file

@ -1874,6 +1874,7 @@
// //
#define POLARSSL_ECP_MAX_BITS 521 /**< Maximum bit size of groups */ #define POLARSSL_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
#define POLARSSL_ECP_WINDOW_SIZE 6 /**< Maximum window size used */ #define POLARSSL_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
#define POLARSSL_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
// Entropy options // Entropy options
// //

26
include/polarssl/ecp.h
View file

@ -178,11 +178,33 @@ ecp_keypair;
* Minimum value: 2. Maximum value: 7. * Minimum value: 2. Maximum value: 7.
* *
* Result is an array of at most ( 1 << ( POLARSSL_ECP_WINDOW_SIZE - 1 ) ) * Result is an array of at most ( 1 << ( POLARSSL_ECP_WINDOW_SIZE - 1 ) )
* points used for point multiplication. * points used for point multiplication. This value is directly tied to EC
* peak memory usage, so decreasing it by one should roughly cut memory usage
* by two (if large curves are in use).
* *
* Reduction in size may reduce speed for big curves. * Reduction in size may reduce speed, but larger curves are impacted first.
* Sample performances (in ECDHE handshakes/s, with FIXED_POINT_OPTIM = 1):
* w-size: 6 5 4 3 2
* 521 145 141 135 120 97
* 384 214 209 198 177 146
* 256 320 320 303 262 226
* 224 475 475 453 398 342
* 192 640 640 633 587 476
*/ */
#define POLARSSL_ECP_WINDOW_SIZE 6 /**< Maximum window size used */ #define POLARSSL_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
/*
* Trade memory for speed on fixed-point multiplication.
*
* This speeds up repeated multiplication of the generator (that is, the
* multiplication in ECDSA signatures, and half of the multiplications in
* ECDSA verification and ECDHE) by a factor roughly 3 to 4.
*
* The cost is increasing EC peak memory usage by a factor roughly 2.
*
* Change this value to 0 to reduce peak memory usage.
*/
#define POLARSSL_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
#endif #endif
/* /*

7
library/ecp.c
View file

@ -1315,12 +1315,17 @@ static int ecp_mul_comb( ecp_group *grp, ecp_point *R,
/* /*
* If P == G, pre-compute a bit more, since this may be re-used later. * If P == G, pre-compute a bit more, since this may be re-used later.
* Just adding one ups the cost of the first mul by at most 3%. * Just adding one avoids upping the cost of the first mul too much,
* and the memory cost too.
*/ */
#if POLARSSL_ECP_FIXED_POINT_OPTIM == 1
p_eq_g = ( mpi_cmp_mpi( &P->Y, &grp->G.Y ) == 0 && p_eq_g = ( mpi_cmp_mpi( &P->Y, &grp->G.Y ) == 0 &&
mpi_cmp_mpi( &P->X, &grp->G.X ) == 0 ); mpi_cmp_mpi( &P->X, &grp->G.X ) == 0 );
if( p_eq_g ) if( p_eq_g )
w++; w++;
#else
p_eq_g = 0;
#endif
/* /*
* Make sure w is within bounds. * Make sure w is within bounds.