forked from robur/blog.robur.coop
ec: turn the claims lower, refer to edwin's post
This commit is contained in:
parent
285ca97121
commit
41395cb194
1 changed files with 1 additions and 1 deletions
|
@ -18,7 +18,7 @@ TL;DR: replacing cstruct with string, we gain a factor of 2.5 in performance.
|
|||
|
||||
## Mirage-crypto-ec
|
||||
|
||||
In April 2021 We published our implementation of [elliptic curve cryptography](https://hannes.robur.coop/Posts/EC) (as `mirage-crypto-ec` opam package) - this is DSA and DH for NIST curves P224, P256, P384, and P521, and also Ed25519 (EdDSA) and X25519 (ECDH). We use [fiat-crypto](https://github.com/mit-plv/fiat-crypto/) for the cryptographic primitives, which emits C code that by construction is free of timing side channels (by not having any data-dependent branches). More C code (such as `point_add`, `point_double`, and further 25519 computations including tables) have been taken from the BoringSSL code base. A lot of OCaml code originates from our TLS 1.3 work in 2018, where Etienne Millon, Nathan Rebours, and Clément Pascutto interfaced [elliptic curves for OCaml](https://github.com/mirage/fiat/) (with the goal of being usable with MirageOS).
|
||||
In April 2021 We published our implementation of [elliptic curve cryptography](https://hannes.robur.coop/Posts/EC) (as `mirage-crypto-ec` opam package) - this is DSA and DH for NIST curves P224, P256, P384, and P521, and also Ed25519 (EdDSA) and X25519 (ECDH). We use [fiat-crypto](https://github.com/mit-plv/fiat-crypto/) for the cryptographic primitives, which emits C code that by construction is correct (note: earlier we stated "free of timing side-channels", but this is a huge challenge, and as [reported by Edwin Török](https://discuss.systems/@edwintorok/111925959867297453) likely impossible on current x86 hardware). More C code (such as `point_add`, `point_double`, and further 25519 computations including tables) have been taken from the BoringSSL code base. A lot of OCaml code originates from our TLS 1.3 work in 2018, where Etienne Millon, Nathan Rebours, and Clément Pascutto interfaced [elliptic curves for OCaml](https://github.com/mirage/fiat/) (with the goal of being usable with MirageOS).
|
||||
|
||||
The goal of mirage-crypto-ec was: develop elliptic curve support for OCaml & MirageOS quickly - which didn't leave much time to focus on performance. As time goes by, our mileage varies, and we're keen to use fewer resources - and thus fewer CPU time and a smaller memory footprint is preferable.
|
||||
|
||||
|
|
Loading…
Reference in a new issue