bb::bernstein_yang Namespace Reference

Classes
struct	DivstepMatrix
class	Native5x64
struct	NativeMatrix
class	Wasm9x29

Typedefs
using	u64 = uint64_t
using	i64 = int64_t
using	State = Native5x64

Functions
template<class S = State>
uint256_t	invert_vartime (const uint256_t &a, const uint256_t &p, u64 p_inv_mod_2k) noexcept
	Variable-time safegcd inverse (Bernstein-Yang TCHES 2019, Pornin 2020 §4).
constexpr u64	p_inv_mod_2k_from_montgomery_r_inv (u64 r_inv) noexcept

Variables
template<class T >
constexpr bool	supported_v

Typedef Documentation

i64

using bb::bernstein_yang::i64 = typedef int64_t

Definition at line 32 of file bernstein_yang_inverse.hpp.

State

using bb::bernstein_yang::State = typedef Native5x64

Definition at line 311 of file bernstein_yang_inverse.hpp.

u64

using bb::bernstein_yang::u64 = typedef uint64_t

Definition at line 31 of file bernstein_yang_inverse.hpp.

Function Documentation

invert_vartime()

template<class S = State>

uint256_t bb::bernstein_yang::invert_vartime ( const uint256_t &  a, const uint256_t &  p, u64  p_inv_mod_2k  )

inlinenoexcept

Variable-time safegcd inverse (Bernstein-Yang TCHES 2019, Pornin 2020 §4).

Iterates (f, g) starting at (p, a); each outer iter batches BATCH divsteps into a 2×2 matrix M and applies M to (f, g) / (d, e). When g reaches 0, gcd(p, a) = ±f and a⁻¹ = ±d mod p. Returns 0 for a == 0.

Parameters

p_inv_mod_2k

p⁻¹ mod 2^BATCH (used by apply_divstep_matrix's 2-adic correction).

Precondition

p odd prime, p < 2^255, 0 ≤ a < p.

Definition at line 325 of file bernstein_yang_inverse.hpp.

p_inv_mod_2k_from_montgomery_r_inv()

constexpr u64 bb::bernstein_yang::p_inv_mod_2k_from_montgomery_r_inv ( u64  r_inv )

inlineconstexprnoexcept

Definition at line 352 of file bernstein_yang_inverse.hpp.

Variable Documentation

supported_v

template<class T >

constexpr bool bb::bernstein_yang::supported_v

inlineconstexpr

Initial value:

=
 
 
 
    false

Definition at line 362 of file bernstein_yang_inverse.hpp.