Botan::WindowedBoothMulTable< C, W > Class Template Reference

#include <pcurves_impl.h>

Public Types
typedef C::AffinePoint	AffinePoint
using	BlindedScalar = BlindedScalarBits<C, WindowBits + 1>
typedef C::ProjectivePoint	ProjectivePoint
typedef C::Scalar	Scalar

Public Member Functions
ProjectivePoint	mul (const Scalar &s, RandomNumberGenerator &rng) const
	WindowedBoothMulTable (const AffinePoint &p)

Static Public Member Functions
static constexpr size_t	compute_full_windows (size_t sb, size_t wb)
static constexpr size_t	compute_initial_shift (size_t sb, size_t wb)

Static Public Attributes
static constexpr size_t	TableBits = W
static constexpr size_t	TableSize = 1 << TableBits
static constexpr size_t	WindowBits = TableBits + 1

Detailed Description

template<typename C, size_t W>
class Botan::WindowedBoothMulTable< C, W >

Precomputed point multiplication table with Booth

Definition at line 1455 of file pcurves_impl.h.

Member Typedef Documentation

AffinePoint

template<typename C, size_t W>

typedef C::AffinePoint Botan::WindowedBoothMulTable< C, W >::AffinePoint

Definition at line 1458 of file pcurves_impl.h.

BlindedScalar

template<typename C, size_t W>

using Botan::WindowedBoothMulTable< C, W >::BlindedScalar = BlindedScalarBits<C, WindowBits + 1>

Definition at line 1466 of file pcurves_impl.h.

ProjectivePoint

template<typename C, size_t W>

typedef C::ProjectivePoint Botan::WindowedBoothMulTable< C, W >::ProjectivePoint

Definition at line 1459 of file pcurves_impl.h.

Scalar

template<typename C, size_t W>

typedef C::Scalar Botan::WindowedBoothMulTable< C, W >::Scalar

Definition at line 1457 of file pcurves_impl.h.

Constructor & Destructor Documentation

WindowedBoothMulTable()

template<typename C, size_t W>

Botan::WindowedBoothMulTable< C, W >::WindowedBoothMulTable ( const AffinePoint & p )

inlineexplicit

Definition at line 1487 of file pcurves_impl.h.

: m_table(varpoint_setup<C, TableSize>(p)) {}

References TableSize, and Botan::varpoint_setup().

Member Function Documentation

compute_full_windows()

template<typename C, size_t W>

constexpr size_t Botan::WindowedBoothMulTable< C, W >::compute_full_windows ( size_t sb, size_t wb )

inlinestaticconstexpr

Definition at line 1468 of file pcurves_impl.h.

                                                                         {
         if(sb % wb == 0) {
            return (sb - 1) / wb;
         } else {
            return sb / wb;
         }
      }

Referenced by mul().

compute_initial_shift()

template<typename C, size_t W>

constexpr size_t Botan::WindowedBoothMulTable< C, W >::compute_initial_shift ( size_t sb, size_t wb )

inlinestaticconstexpr

Definition at line 1476 of file pcurves_impl.h.

                                                                          {
         if(sb % wb == 0) {
            return wb;
         } else {
            return sb - (sb / wb) * wb;
         }
      }

Referenced by mul().

mul()

template<typename C, size_t W>

ProjectivePoint Botan::WindowedBoothMulTable< C, W >::mul ( const Scalar & s, RandomNumberGenerator & rng ) const

inline

Definition at line 1489 of file pcurves_impl.h.

                                                                             {
         const BlindedScalar bits(s, rng);
 
         const size_t scalar_bits = bits.bits();
         const size_t full_windows = compute_full_windows(scalar_bits + 1, WindowBits);
         const size_t initial_shift = compute_initial_shift(scalar_bits + 1, WindowBits);
 
         BOTAN_DEBUG_ASSERT(full_windows * WindowBits + initial_shift == scalar_bits + 1);
         BOTAN_DEBUG_ASSERT(initial_shift > 0);
 
         auto accum = ProjectivePoint::identity();
         CT::poison(accum);
 
         for(size_t i = 0; i != full_windows; ++i) {
            const size_t idx = scalar_bits - initial_shift - WindowBits * i;
 
            const size_t w_i = bits.get_window(idx);
            const auto [tidx, tneg] = booth_recode<WindowBits>(w_i);
 
            // Conditional ok: loop iteration count is public
            if(i == 0) {
               accum = ProjectivePoint::from_affine(m_table.ct_select(tidx));
               accum.conditional_assign(tneg, accum.negate());
            } else {
               accum = ProjectivePoint::add_or_sub(accum, m_table.ct_select(tidx), tneg);
            }
 
            accum = accum.dbl_n(WindowBits);
 
            // Conditional ok: loop iteration count is public
            if(i <= 3) {
               accum.randomize_rep(rng);
            }
         }
 
         // final window (note one bit shorter than previous reads)
         const size_t w_l = bits.get_window(0) & ((1 << WindowBits) - 1);
         const auto [tidx, tneg] = booth_recode<WindowBits>(w_l << 1);
         accum = ProjectivePoint::add_or_sub(accum, m_table.ct_select(tidx), tneg);
 
         CT::unpoison(accum);
         return accum;
      }

References Botan::BlindedScalarBits< C, WindowBits >::bits(), Botan::booth_recode(), BOTAN_DEBUG_ASSERT, compute_full_windows(), compute_initial_shift(), Botan::BlindedScalarBits< C, WindowBits >::get_window(), Botan::CT::poison(), Botan::CT::unpoison(), and WindowBits.

Member Data Documentation

TableBits

template<typename C, size_t W>

size_t Botan::WindowedBoothMulTable< C, W >::TableBits = W

staticconstexpr

Definition at line 1461 of file pcurves_impl.h.

TableSize

template<typename C, size_t W>

size_t Botan::WindowedBoothMulTable< C, W >::TableSize = 1 << TableBits

staticconstexpr

Definition at line 1485 of file pcurves_impl.h.

Referenced by WindowedBoothMulTable().

WindowBits

template<typename C, size_t W>

size_t Botan::WindowedBoothMulTable< C, W >::WindowBits = TableBits + 1

staticconstexpr

Definition at line 1464 of file pcurves_impl.h.

Referenced by mul().

---

The documentation for this class was generated from the following file:

• src/lib/math/pcurves/pcurves_impl/pcurves_impl.h