haskal
/
spot-the-bug
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
spot-the-bug/stream-ciphers/monocypher-3.1.1/doc/html/crypto_x25519_dirty_small.html

103 lines
5.2 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"/>
<style>
table.head, table.foot { width: 100%; }
td.head-rtitle, td.foot-os { text-align: right; }
td.head-vol { text-align: center; }
div.Pp { margin: 1ex 0ex; }
</style>
<link rel="stylesheet" href="style.css" type="text/css" media="all"/>
<title>CRYPTO_X25519_DIRTY_FAST(3monocypher)</title>
</head>
<body>
<table class="head">
<tr>
<td class="head-ltitle">CRYPTO_X25519_DIRTY_FAST(3monocypher)</td>
<td class="head-vol">3monocypher</td>
<td class="head-rtitle">CRYPTO_X25519_DIRTY_FAST(3monocypher)</td>
</tr>
</table>
<div class="manual-text">
<h1 class="Sh" title="Sh" id="NAME"><a class="selflink" href="#NAME">NAME</a></h1>
<b class="Nm" title="Nm">crypto_x25519_dirty_fast</b>,
<b class="Nm" title="Nm">crypto_x25519_dirty_small</b> &#x2014;
<span class="Nd" title="Nd">generation of Curve25519 points with a low-order
component</span>
<h1 class="Sh" title="Sh" id="SYNOPSIS"><a class="selflink" href="#SYNOPSIS">SYNOPSIS</a></h1>
<b class="In" title="In">#include
&lt;<a class="In" title="In">monocypher.h</a>&gt;</b>
<div class="Pp"></div>
<var class="Ft" title="Ft">void</var>
<br/>
<b class="Fn" title="Fn">crypto_x25519_dirty_fast</b>(<var class="Fa" title="Fa">uint8_t
pk[32]</var>, <var class="Fa" title="Fa">const uint8_t sk[32]</var>);
<div class="Pp"></div>
<var class="Ft" title="Ft">void</var>
<br/>
<b class="Fn" title="Fn">crypto_x25519_dirty_small</b>(<var class="Fa" title="Fa">uint8_t
pk[32]</var>, <var class="Fa" title="Fa">const uint8_t sk[32]</var>);
<h1 class="Sh" title="Sh" id="DESCRIPTION"><a class="selflink" href="#DESCRIPTION">DESCRIPTION</a></h1>
These functions are used in public key generation for
<a class="Xr" title="Xr" href="crypto_curve_to_hidden.html">crypto_curve_to_hidden(3monocypher)</a>.
<b class="Sy" title="Sy">This is a highly advanced feature</b>; unless you are
reading this because you were referred here from
<a class="Xr" title="Xr" href="crypto_curve_to_hidden.html">crypto_curve_to_hidden(3monocypher)</a>,
<b class="Sy" title="Sy">you likely have no reason to be using these
functions</b> and are probably looking for
<a class="Xr" title="Xr" href="crypto_key_exchange.html">crypto_key_exchange(3monocypher)</a>
or
<a class="Xr" title="Xr" href="crypto_x25519.html">crypto_x25519(3monocypher)</a>
instead. Expect elliptic curve jargon on this page.
<div class="Pp"></div>
Both functions generate a Curve25519 public key
<var class="Fa" title="Fa">pk</var> from the given secret key
<var class="Fa" title="Fa">sk</var>; the public keys are on the
<i class="Em" title="Em">whole</i> curve, rather than just the main
prime-order subgroup. Both do the same with different code size and memory
characteristics: <b class="Fn" title="Fn">crypto_x25519_dirty_fast</b>() uses
multiple large temporary variables and uses functions that are normally used
internally for
<a class="Xr" title="Xr" href="crypto_sign.html">crypto_sign(3monocypher)</a>;
accordingly, it uses both more memory (for the temporary variables) and more
code size (unless the signing code is already compiled in elsewhere).
<b class="Fn" title="Fn">crypto_x25519_dirty_small</b>() yields the same
result, but does so using less code and memory at a large performance penalty
compared to <b class="Fn" title="Fn">crypto_x25519_dirty_fast</b>().
<div class="Pp"></div>
The resulting public keys are to be used with
<a class="Xr" title="Xr" href="crypto_x25519.html">crypto_x25519(3monocypher)</a>
or
<a class="Xr" title="Xr" href="crypto_key_exchange.html">crypto_key_exchange(3monocypher)</a>,
which clear the cofactor.
<h1 class="Sh" title="Sh" id="RETURN_VALUES"><a class="selflink" href="#RETURN_VALUES">RETURN
VALUES</a></h1>
These functions have no return value. They cannot fail.
<h1 class="Sh" title="Sh" id="SEE_ALSO"><a class="selflink" href="#SEE_ALSO">SEE
ALSO</a></h1>
<a class="Xr" title="Xr" href="crypto_curve_to_hidden.html">crypto_curve_to_hidden(3monocypher)</a>,
<a class="Xr" title="Xr" href="crypto_key_exchange_public_key.html">crypto_key_exchange_public_key(3monocypher)</a>,
<a class="Xr" title="Xr" href="crypto_x25519_public_key.html">crypto_x25519_public_key(3monocypher)</a>,
<a class="Xr" title="Xr" href="intro.html">intro(3monocypher)</a>
<h1 class="Sh" title="Sh" id="HISTORY"><a class="selflink" href="#HISTORY">HISTORY</a></h1>
The <b class="Fn" title="Fn">crypto_x25519_dirty_fast</b>() and
<b class="Fn" title="Fn">crypto_x25519_dirty_small</b>() functions first
appeared in Monocypher 3.1.0.
<h1 class="Sh" title="Sh" id="IMPLEMENTATION_DETAILS"><a class="selflink" href="#IMPLEMENTATION_DETAILS">IMPLEMENTATION
DETAILS</a></h1>
The slow variant is approximately an entire two times slower than the fast
variant. When considering that, on average, two calls to this function will be
required for obtaining a valid key pair for
<a class="Xr" title="Xr" href="crypto_curve_to_hidden.html">crypto_curve_to_hidden(3monocypher)</a>,
this adds up to an <i class="Em" title="Em">average</i> effective slowdown for
key pair generation of a factor of four.</div>
<table class="foot">
<tr>
<td class="foot-date">March 24, 2020</td>
<td class="foot-os">Linux 4.15.0-106-generic</td>
</tr>
</table>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink