boringssl/crypto/curve25519
David Benjamin 884086e0e2 Remove x86_64 x25519 assembly.
Now that we have 64-bit C code, courtesy of fiat-crypto, the tradeoff
for carrying the assembly changes:

Assembly:
Did 16000 Curve25519 base-point multiplication operations in 1059932us (15095.3 ops/sec)
Did 16000 Curve25519 arbitrary point multiplication operations in 1060023us (15094.0 ops/sec)

fiat64:
Did 39000 Curve25519 base-point multiplication operations in 1004712us (38817.1 ops/sec)
Did 14000 Curve25519 arbitrary point multiplication operations in 1006827us (13905.1 ops/sec)

The assembly is still about 9% faster than fiat64, but fiat64 gets to
use the Ed25519 tables for the base point multiplication, so overall it
is actually faster to disable the assembly:

>>> 1/(1/15094.0 + 1/15095.3)
7547.324986004976
>>> 1/(1/38817.1 + 1/13905.1)
10237.73016319501

(At the cost of touching a 30kB table.)

The assembly implementation is no longer pulling its weight. Remove it
and use the fiat code in all build configurations.

Change-Id: Id736873177d5568bb16ea06994b9fcb1af104e33
Reviewed-on: https://boringssl-review.googlesource.com/25524
Reviewed-by: Adam Langley <agl@google.com>
2018-02-01 21:44:58 +00:00
asm Remove x86_64 x25519 assembly. 2018-02-01 21:44:58 +00:00
CMakeLists.txt Remove x86_64 x25519 assembly. 2018-02-01 21:44:58 +00:00
ed25519_test.cc Convert ed25519_test to GTest. 2017-05-23 22:33:55 +00:00
ed25519_tests.txt
spake25519_test.cc Move curve25519 code to third_party/fiat. 2017-11-03 22:23:59 +00:00
spake25519.c Move curve25519 code to third_party/fiat. 2017-11-03 22:23:59 +00:00
x25519_test.cc curve25519: adhere to preconditions of fe_*. 2017-11-03 18:40:11 +00:00