https://github.com/mit-plv/fiat-crypto
Revision ccf644f710b931dad8339aa63c1ce6e95d19a623 authored by Jason Gross on 20 May 2020, 00:02:51 UTC, committed by Jason Gross on 21 May 2020, 05:37:39 UTC
Disable p448 x32 on backends w/o int128 support

It does not work on those backends because of #797.

<details><summary>Timing Diff</summary>
<p>

```
     Time |   Peak Mem | File Name
----------------------------------------------------------------------------
63m03.86s | 1916264 ko | Total Time / Peak Mem
----------------------------------------------------------------------------
 7m48.59s |  812688 ko | fiat-rust/src/p384_32.rs
 7m43.34s |  930444 ko | fiat-go/src/p384_32.go
 7m37.87s | 1071224 ko | fiat-bedrock2/src/p384_32.c
 7m37.37s | 1065336 ko | fiat-java/src/FiatP384.java
 7m37.03s | 1074936 ko | fiat-c/src/p384_32.c
 0m52.25s |   63728 ko | fiat-bedrock2/src/p521_64.c
 0m50.72s |   69828 ko | fiat-go/src/p521_64.go
 0m50.68s |   62288 ko | fiat-c/src/p521_64.c
 0m50.59s |   62252 ko | fiat-rust/src/p521_64.rs
 0m43.59s | 1594940 ko | ExtractionOCaml/bedrock2_word_by_word_montgomery
 0m42.99s | 1594780 ko | ExtractionOCaml/word_by_word_montgomery
 0m36.77s |   75096 ko | fiat-bedrock2/src/p448_solinas_32.c
 0m31.68s | 1252444 ko | ExtractionOCaml/bedrock2_unsaturated_solinas
 0m31.39s |   45904 ko | fiat-java/src/FiatP448Solinas.java
 0m31.30s | 1213388 ko | ExtractionOCaml/unsaturated_solinas
 0m30.60s |   50876 ko | fiat-go/src/p448_solinas_32.go
 0m30.28s |  190236 ko | fiat-bedrock2/src/p256_32.c
 0m30.13s |   46416 ko | fiat-c/src/p448_solinas_32.c
 0m29.76s | 1053884 ko | ExtractionOCaml/perf_word_by_word_montgomery
 0m29.46s |   51052 ko | fiat-rust/src/p448_solinas_32.rs
 0m29.26s |  190512 ko | fiat-bedrock2/src/secp256k1_32.c
 0m29.02s | 1053672 ko | ExtractionOCaml/bedrock2_base_conversion
 0m28.70s |  196588 ko | fiat-java/src/FiatSecp256K1.java
 0m28.08s |  217476 ko | fiat-java/src/FiatP256.java
 0m27.73s |  198524 ko | fiat-rust/src/secp256k1_32.rs
 0m27.69s | 1916264 ko | ExtractionOCaml/bedrock2_word_by_word_montgomery.ml
 0m27.62s | 1086056 ko | ExtractionOCaml/bedrock2_saturated_solinas
 0m27.26s |  189608 ko | fiat-c/src/secp256k1_32.c
 0m27.26s |  215472 ko | fiat-go/src/p256_32.go
 0m27.13s | 1089140 ko | ExtractionOCaml/base_conversion
 0m26.96s | 1787860 ko | ExtractionOCaml/word_by_word_montgomery.ml
 0m26.82s |  190440 ko | fiat-rust/src/p256_32.rs
 0m26.65s |  189664 ko | fiat-c/src/p256_32.c
 0m26.25s | 1054328 ko | ExtractionOCaml/saturated_solinas
 0m25.68s | 1086780 ko | ExtractionOCaml/perf_unsaturated_solinas
 0m25.54s |  209344 ko | fiat-go/src/secp256k1_32.go
 0m23.53s |   52116 ko | fiat-bedrock2/src/p448_solinas_64.c
 0m22.64s |  118728 ko | fiat-bedrock2/src/p434_64.c
 0m22.43s |   46136 ko | fiat-go/src/p448_solinas_64.go
 0m22.15s |   46056 ko | fiat-rust/src/p448_solinas_64.rs
 0m22.05s |   45892 ko | fiat-c/src/p448_solinas_64.c
 0m20.98s | 1585224 ko | ExtractionOCaml/bedrock2_unsaturated_solinas.ml
 0m20.27s |  123684 ko | fiat-rust/src/p434_64.rs
 0m19.23s |  131440 ko | fiat-c/src/p434_64.c
 0m19.17s | 1531960 ko | ExtractionOCaml/unsaturated_solinas.ml
 0m18.86s |  123072 ko | fiat-go/src/p434_64.go
 0m17.83s | 1729860 ko | ExtractionOCaml/perf_word_by_word_montgomery.ml
 0m17.82s | 1490644 ko | ExtractionOCaml/bedrock2_base_conversion.ml
 0m16.85s | 1507296 ko | ExtractionOCaml/bedrock2_saturated_solinas.ml
 0m16.79s | 1762800 ko | ExtractionOCaml/perf_unsaturated_solinas.ml
 0m16.59s | 1512576 ko | ExtractionOCaml/saturated_solinas.ml
 0m16.46s | 1483712 ko | ExtractionOCaml/base_conversion.ml
 0m12.39s |  129480 ko | fiat-go/src/p224_32.go
 0m12.38s |  116660 ko | fiat-bedrock2/src/p224_32.c
 0m12.38s |  115040 ko | fiat-java/src/FiatP224.java
 0m12.22s |  115064 ko | fiat-rust/src/p224_32.rs
 0m12.03s |  115652 ko | fiat-c/src/p224_32.c
 0m10.38s |   82772 ko | fiat-bedrock2/src/p384_64.c
 0m08.92s |   79460 ko | fiat-rust/src/p384_64.rs
 0m08.64s |   78952 ko | fiat-c/src/p384_64.c
 0m08.55s |   79640 ko | fiat-go/src/p384_64.go
 0m04.12s |   33240 ko | fiat-bedrock2/src/curve25519_32.c
 0m03.54s |   25924 ko | fiat-java/src/FiatCurve25519.java
 0m03.49s |   25636 ko | fiat-go/src/curve25519_32.go
 0m03.49s |   24396 ko | fiat-rust/src/curve25519_32.rs
 0m03.47s |   25820 ko | fiat-c/src/curve25519_32.c
 0m02.37s |   25400 ko | fiat-bedrock2/src/curve25519_64.c
 0m02.33s |   23336 ko | fiat-go/src/curve25519_64.go
 0m02.24s |   24212 ko | fiat-rust/src/curve25519_64.rs
 0m02.23s |   24088 ko | fiat-c/src/curve25519_64.c
 0m02.05s |  771148 ko | Bedrock/StandaloneOCamlMain.vo
 0m02.03s |   34112 ko | fiat-bedrock2/src/secp256k1_64.c
 0m02.00s |  759356 ko | Rewriter/PerfTesting/StandaloneOCamlMain.vo
 0m01.97s |   33988 ko | fiat-bedrock2/src/p224_64.c
 0m01.94s |   32776 ko | fiat-go/src/secp256k1_64.go
 0m01.92s |   32964 ko | fiat-go/src/p224_64.go
 0m01.90s |   31848 ko | fiat-bedrock2/src/p256_64.c
 0m01.86s |   33052 ko | fiat-rust/src/secp256k1_64.rs
 0m01.84s |   32692 ko | fiat-go/src/p256_64.go
 0m01.82s |   32744 ko | fiat-c/src/secp256k1_64.c
 0m01.82s |   33900 ko | fiat-rust/src/p224_64.rs
 0m01.79s |   33916 ko | fiat-c/src/p224_64.c
 0m01.72s |   34012 ko | fiat-rust/src/p256_64.rs
 0m01.70s |  745148 ko | StandaloneOCamlMain.vo
 0m01.62s |   35656 ko | fiat-c/src/p256_64.c
 0m00.43s |   20536 ko | fiat-bedrock2/src/poly1305_32.c
 0m00.38s |   16816 ko | fiat-java/src/FiatPoly1305.java
 0m00.37s |   16936 ko | fiat-go/src/poly1305_32.go
 0m00.37s |   17920 ko | fiat-rust/src/poly1305_32.rs
 0m00.35s |   18024 ko | fiat-c/src/poly1305_32.c
 0m00.31s |   17700 ko | fiat-go/src/poly1305_64.go
 0m00.29s |   18852 ko | fiat-bedrock2/src/poly1305_64.c
 0m00.26s |   16880 ko | fiat-c/src/poly1305_64.c
 0m00.26s |   16816 ko | fiat-rust/src/poly1305_64.rs

```
</p>
1 parent d43df58
primes.txt
# single-tap:

2^127 - 1 # "kummer strikes back"
2^129 - 25
2^130 - 5 # poly1305
2^137 - 13
2^140 - 27
2^141 - 9
2^150 - 5
2^150 - 3
2^152 - 17
2^158 - 15
2^165 - 25
2^166 - 5
2^171 - 19
2^174 - 17
2^174 - 3
2^189 - 25
2^190 - 11
2^191 - 19
2^194 - 33
2^196 - 15
2^198 - 17
2^206 - 5
2^212 - 29
2^213 - 3
2^221 - 3
2^222 - 117
2^226 - 5
2^230 - 27
2^235 - 15
2^243 - 9
2^251 - 9
2^255 - 765
2^255 - 19 # curve25519
2^256 - 189
2^266 - 3
2^285 - 9
2^291 - 19
2^321 - 9
2^336 - 17
2^336 - 3
2^338 - 15
2^369 - 25
2^379 - 19
2^382 - 105
2^383 - 421
2^383 - 187
2^383 - 31
2^384 - 317
2^389 - 21
2^401 - 31
2^413 - 21
2^414 - 17
2^444 - 17
2^452 - 3
2^468 - 17
2^488 - 17
2^489 - 21
2^495 - 31
2^511 - 481
2^511 - 187
2^512 - 569
2^521 - 1 # p521

# two taps, golden ratio:

2^192 - 2^64 - 1
2^216 - 2^108 - 1
2^322 - 2^161 - 1
2^416 - 2^208 - 1
2^448 - 2^224 - 1 # goldilocks
2^450 - 2^225 - 1
2^480 - 2^240 - 1 # ridinghood

# two or more taps

2^205 - 45*2^198 - 1
2^224 - 2^96 + 1 # p224
2^256 - 2^224 + 2^192 + 2^96 - 1 # p256
2^256 - 2^32 - 977 # bitcoin
2^256 - 4294968273 # bitcoin, for 64-bit impl
2^384 - 2^128 - 2^96 + 2^32 - 1 # p384

# Montgomery-Friendly

2^256 - 88*2^240 - 1
2^254 - 127*2^240 - 1
2^384 - 79*2^376 - 1
2^384 - 5*2^368 - 1
2^512 - 491*2^496 - 1
2^510 - 290*2^496 - 1