mirror of https://github.com/bitcoin/bitcoin
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
30 lines
1.4 KiB
30 lines
1.4 KiB
11 years ago
|
libsecp256k1
|
||
|
|
============
|
||
|
|
|
||
|
|
Optimized C library for EC operations on curve secp256k1
|
||
|
|
|
||
|
|
This library is experimental, so use at your own risk.
|
||
|
|
|
||
|
|
Implementation details
|
||
|
|
----------------------
|
||
|
|
|
||
|
|
* General
|
||
|
|
* Avoid dynamic memory usage almost everywhere.
|
||
|
|
* Field operations
|
||
|
|
* Optimized implementation of arithmetic modulo the curve's field size (2^256 - 0x1000003D1).
|
||
|
|
* Using 5 52-bit limbs (including hand-optimized assembly for x86_64, by Diederik Huys).
|
||
|
|
* Using 10 26-bit limbs.
|
||
|
|
* Using GMP.
|
||
|
|
* Field inverses and square roots using a sliding window over blocks of 1s (by Peter Dettman).
|
||
|
|
* Group operations
|
||
|
|
* Point addition formula specifically simplified for the curve equation (y^2 = x^3 + 7).
|
||
|
|
* Use addition between points in Jacobian and affine coordinates where possible.
|
||
|
|
* Point multiplication for verification (a*P + b*G).
|
||
|
|
* Use wNAF notation for point multiplicands.
|
||
|
|
* Use a much larger window for multiples of G, using precomputed multiples.
|
||
|
|
* Use Shamir's trick to do the multiplication with the public key and the generator simultaneously.
|
||
|
|
* Optionally use secp256k1's efficiently-computable endomorphism to split the multiplicands into 4 half-sized ones first.
|
||
|
|
* Point multiplication for signing
|
||
|
|
* Use a precomputed table of multiples of powers of 16 multiplied with the generator, so general multiplication becomes a series of additions.
|
||
|
|
* Slice the precomputed table in memory per byte, so memory access to the table becomes uniform.
|