mirror/gmsm
1
0
Fork 0
mirror of https://github.com/emmansun/gmsm.git synced 2025-05-15 05:26:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

Updated SM2 MFMM (2) (markdown)

Sun Yimin 2024-02-23 09:35:13 +08:00
parent 43599b66e7
commit 87dfe96e85
1 changed files with 14 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
SM2-MFMM-(2).md

@ -12,7 +12,7 @@ $$P = p_3 \ast 2^{192} + p_2 \ast 2^{128} + p_1 \ast 2^{64} + p_0$$
$$P = 2^{256}-(2^{32} \ast 2^{192} + 0 \ast 2^{128} + (2^{32} - 1) \ast 2^{64} + 1)$$
## 平方的模约减优化
## P域平方的模约减优化
假设 $T=a^2$
$T=t_7 \ast 2^{448} + t_6 \ast 2^{384} + t_5 \ast 2^{320} + t_4 \ast 2^{256} + t_3 \ast 2^{192} + t_2 \ast 2^{128} + t_1 \ast 2^{64} + t_0 $
@ -123,7 +123,7 @@ $t_0=t_0 - a_1$
加法4
减法4
## 乘法的模约减优化
## P域乘法的模约减优化
乘法没有和平方一样,先把乘法做完再约减,而是乘法和约减混合在一起做的。
假设:
$X = x_3 \ast 2^{192} + x_2 \ast 2^{128} + x_1 \ast 2^{64} + x_0$
@ -271,6 +271,7 @@ $t_5=t_5 - 0$
SM2的素数Order=0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123
$$O = O_3 \ast 2^{192} + O_2 \ast 2^{128} + O_1 \ast 2^{64} + O_0$$
$$O = 2^{192} - 2^{32} \ast 2^{192} - 2^{128} + O_1 \ast 2^{64} + O_0$$
$O_0=0xFFFFFFFEFFFFFFFF$
$O_1=0xFFFFFFFF00000000$
@ -300,9 +301,9 @@ $Y=T_1 \ast k_0$
### 方案一:(乘法、加法)
这个方案和P域的方案类似。
$T_2=T_1 \ast P=Y \ast P= (Y \ast p_3) \ast 2^{192} + (Y \ast p_2) \ast 2^{128} + (Y \ast p_1) \ast 2^{64} + (Y \ast p_0)$
$T_2=T_1 \ast O=Y \ast O= (Y \ast O_3) \ast 2^{192} + (Y \ast O_2) \ast 2^{128} + (Y \ast O_1) \ast 2^{64} + (Y \ast O_0)$
$T_3=T + T_2=t_7 \ast 2^{448} + t_6 \ast 2^{384} + t_5 \ast 2^{320} + t_4 \ast 2^{256} + (t_3+Y \ast p_3) \ast 2^{192} + (t_2+Y \ast p_2) \ast 2^{128} + (t_1+Y \ast p_1) \ast 2^{64} + t_0 + Y \ast p_0 $
$T_3=T + T_2=t_7 \ast 2^{448} + t_6 \ast 2^{384} + t_5 \ast 2^{320} + t_4 \ast 2^{256} + (t_3+Y \ast O_3) \ast 2^{192} + (t_2+Y \ast O_2) \ast 2^{128} + (t_1+Y \ast O_1) \ast 2^{64} + t_0 + Y \ast O_0 $
共四次约减,结果表示为 $[t_3,t_2,t_1,t_0]$
下面没有表示出高64位和进位处理
@ -470,14 +471,14 @@ $T=(y_0 \ast x_3 \ast 2^{192}) + (y_0 \ast x_2 \ast 2^{128}) + (y_0 \ast x_1 \as
$=t_4 \ast 2^{256} + t_3 \ast 2^{192} + t_2 \ast 2^{128} + t_1 \ast 2^{64} + t_0$
### 方案一:(乘法、加法)
$T_2=T_1 \ast P=Y \ast P= (Y \ast p_3) \ast 2^{192} + (Y \ast p_2) \ast 2^{128} + (Y \ast p_1) \ast 2^{64} + (Y \ast p_0)$
$T_3=T + T_2=t_4 \ast 2^{256} + (t_3+Y \ast p_3) \ast 2^{192} + (t_2+Y \ast p_2) \ast 2^{128} + (t_1+Y \ast p_1) \ast 2^{64} + t_0 + Y \ast p_0 $
$T_2=T_1 \ast O=Y \ast O= (Y \ast O_3) \ast 2^{192} + (Y \ast O_2) \ast 2^{128} + (Y \ast O_1) \ast 2^{64} + (Y \ast O_0)$
$T_3=T + T_2=t_4 \ast 2^{256} + (t_3+Y \ast O_3) \ast 2^{192} + (t_2+Y \ast O_2) \ast 2^{128} + (t_1+Y \ast O_1) \ast 2^{64} + t_0 + Y \ast O_0 $
下面没有表示出高64位和进位处理
$t_0=t_0 + Y \ast p_0$
$t_1=t_1 + Y \ast p_1$
$t_2=t_2 + Y \ast p_2$
$t_3=t_3 + Y \ast p_3$
$t_0=t_0 + Y \ast O_0$
$t_1=t_1 + Y \ast O_1$
$t_2=t_2 + Y \ast O_2$
$t_3=t_3 + Y \ast O_3$
$t_4=t_4 + 0$
$t_5=0 + 0$
@ -547,3 +548,6 @@ $t_5=0 + 0$
```
乘法: 5
加法10
### 方案二:(移位、加法、减法)