mirror of
https://github.com/emmansun/gmsm.git
synced 2025-05-15 21:46:18 +08:00
Updated SM2 MFMM (2) (markdown)
parent
57dd400fa9
commit
43599b66e7
@ -277,7 +277,7 @@ $O_1=0xFFFFFFFF00000000$
$O_2=0x7203DF6B21C6052B$
$O_2=0x7203DF6B21C6052B$
$O_3=0x53BBF40939D54123$
$O_3=0x53BBF40939D54123$
## Order平方的模约减优化
## Order域平方的模约减优化
假设 $T=a^2$ :
假设 $T=a^2$ :
$T=t_7 \ast 2^{448} + t_6 \ast 2^{384} + t_5 \ast 2^{320} + t_4 \ast 2^{256} + t_3 \ast 2^{192} + t_2 \ast 2^{128} + t_1 \ast 2^{64} + t_0 $
$T=t_7 \ast 2^{448} + t_6 \ast 2^{384} + t_5 \ast 2^{320} + t_4 \ast 2^{256} + t_3 \ast 2^{192} + t_2 \ast 2^{128} + t_1 \ast 2^{64} + t_0 $
@ -459,4 +459,91 @@ $t_0=0+0$
看来在支持**MULXQ/ADCXQ/ADOXQ**的情况下,使用方案一更好!
看来在支持**MULXQ/ADCXQ/ADOXQ**的情况下,使用方案一更好!
## Order域乘法的模约减优化
乘法没有和平方一样,先把乘法做完再约减,而是乘法和约减混合在一起做的。
假设:
$X = x_3 \ast 2^{192} + x_2 \ast 2^{128} + x_1 \ast 2^{64} + x_0$
$Y = y_3 \ast 2^{192} + y_2 \ast 2^{128} + y_1 \ast 2^{64} + y_0$
则第一轮先处理 $X \ast y_0$
$T=(y_0 \ast x_3 \ast 2^{192}) + (y_0 \ast x_2 \ast 2^{128}) + (y_0 \ast x_1 \ast 2^{64}) + y_0 \ast x_0$
$=t_4 \ast 2^{256} + t_3 \ast 2^{192} + t_2 \ast 2^{128} + t_1 \ast 2^{64} + t_0$
### 方案一:(乘法、加法)
$T_2=T_1 \ast P=Y \ast P= (Y \ast p_3) \ast 2^{192} + (Y \ast p_2) \ast 2^{128} + (Y \ast p_1) \ast 2^{64} + (Y \ast p_0)$
$T_3=T + T_2=t_4 \ast 2^{256} + (t_3+Y \ast p_3) \ast 2^{192} + (t_2+Y \ast p_2) \ast 2^{128} + (t_1+Y \ast p_1) \ast 2^{64} + t_0 + Y \ast p_0 $
(下面没有表示出高64位和进位处理)
$t_0=t_0 + Y \ast p_0$
$t_1=t_1 + Y \ast p_1$
$t_2=t_2 + Y \ast p_2$
$t_3=t_3 + Y \ast p_3$
$t_4=t_4 + 0$
$t_5=0 + 0$
```asm
// First reduction step
MOVQ acc0, AX
MULQ ·np+0x00(SB)
MOVQ AX, t0
MOVQ ·p2+0x00(SB), AX
MULQ t0
ADDQ AX, acc0
ADCQ $0, DX
MOVQ DX, BX
MOVQ ·p2+0x08(SB), AX
MULQ t0
ADDQ BX, acc1
ADCQ $0, DX
ADDQ AX, acc1
ADCQ $0, DX
MOVQ DX, BX
MOVQ ·p2+0x10(SB), AX
MULQ t0
ADDQ BX, acc2
ADCQ $0, DX
ADDQ AX, acc2
ADCQ $0, DX
MOVQ DX, BX
MOVQ ·p2+0x18(SB), AX
MULQ t0
ADDQ BX, acc3
ADCQ $0, DX
ADDQ AX, acc3
ADCQ DX, acc4
ADCQ $0, acc5
```
乘法: 5
加法:15
**使用MULXQ/ADCXQ/ADOXQ**:
```asm
// First reduction step
MOVQ acc0, DX
MULXQ ·np+0x00(SB), DX, AX
MULXQ ·p2+0x00(SB), AX, t0
ADOXQ AX, acc0
MULXQ ·p2+0x08(SB), AX, BX
ADCXQ t0, AX
ADOXQ AX, acc1
MULXQ ·p2+0x10(SB), AX, t0
ADCXQ BX, AX
ADOXQ AX, acc2
MULXQ ·p2+0x18(SB), AX, BX
ADCXQ t0, AX
ADOXQ AX, acc3
ADCXQ res_ptr, BX
ADOXQ BX, acc4
ADOXQ res_ptr, acc5
```
乘法: 5
加法:10
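Review bot: the new "Order域乘法的模约减优化" section reuses the symbol $Y$ for two different quantities, which makes scheme one hard to follow: $Y$ is first defined as the multiplicand $Y = y_3 \ast 2^{192} + y_2 \ast 2^{128} + y_1 \ast 2^{64} + y_0$, but $T_2=T_1 \ast P=Y \ast P$ and the $t_i=t_i + Y \ast p_i$ lines use $Y$ for the per-round Montgomery factor that the assembly computes into `t0` with `MOVQ acc0, AX` / `MULQ ·np+0x00(SB)` (i.e. $t_0 \cdot n' \bmod 2^{64}$), and $T_1$ is never defined. Suggest a distinct symbol such as $q$ with one sentence saying how it is derived from $t_0$ and $n'$. Second, both listings are excerpts whose correctness rests on preconditions the text does not state: in the MULXQ/ADCXQ/ADOXQ version the first `ADOXQ AX, acc0` and `ADCXQ t0, AX` consume OF and CF, so both flags must be clear on entry, and `ADCXQ res_ptr, BX` / `ADOXQ res_ptr, acc5` use `res_ptr` as a zero operand, so that register must hold zero at this point (the MULQ version makes the same step explicit with `ADCQ $0, acc5`). A comment above each listing recording these assumptions, and noting that the `乘法: 5` / `加法: 15` vs `加法: 10` counts cover only the first reduction step, would make the comparison between the two schemes verifiable from the page.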