Skip to content

fix LTC_MECC_FP#410

Merged
sjaeckel merged 5 commits intodevelopfrom
pr/fix-LTC_MECC_FP
Apr 29, 2026
Merged

fix LTC_MECC_FP#410
sjaeckel merged 5 commits intodevelopfrom
pr/fix-LTC_MECC_FP

Conversation

@karel-m
Copy link
Copy Markdown
Member

@karel-m karel-m commented Jun 21, 2018

In the branch pr/fix-LTC_MECC_FP I have tried (unsuccessfully) to fix LTC_MECC_FP support.

The fix does not work but before I invest more time into it I want to ask whether the LTC_MECC_FP is worth to keep, or whether it could be removed.

@sjaeckel
Copy link
Copy Markdown
Member

sjaeckel commented Jul 3, 2018

Just a question beforehand: I'm not 100% sure, but AFAIU LTC_MECC_FP makes timing attacks even easier, right?

@karel-m karel-m force-pushed the pr/fix-LTC_MECC_FP branch 2 times, most recently from 077268e to 72c7eae Compare July 9, 2018 10:43
@sjaeckel sjaeckel added this to the next milestone Jul 16, 2018
@sjaeckel sjaeckel mentioned this pull request Feb 22, 2021
Open
@karel-m karel-m force-pushed the pr/fix-LTC_MECC_FP branch 4 times, most recently from dcfb79e to 98c76a7 Compare April 23, 2026 21:54
@sjaeckel sjaeckel force-pushed the pr/fix-LTC_MECC_FP branch from 98c76a7 to bdaaba6 Compare April 27, 2026 13:48
@sjaeckel
Copy link
Copy Markdown
Member

sjaeckel commented Apr 27, 2026

I'm always again surprised of the speedup that is possible with ECC_FP enabled!

Timing demo with LTM and ECC-112:

operation #cycles without ECC_FP #cycles with ECC_FP
make_key 613.245 131.758
encrypt_key 1.224.049 192.638
decrypt_key 1.243.205 820.007
sign_hash 644.515 103.115
verify_hash 374.414 86.590

and ECC-520:

operation #cycles without ECC_FP #cycles with ECC_FP
make_key 7.282.474 976.664
encrypt_key 14.198.652 1.767.197
decrypt_key 14.536.090 8.376.981
sign_hash 7.134.296 913.094
verify_hash 4.165.799 974.237

karel-m and others added 5 commits April 29, 2026 10:53
@karel-m @sjaeckel
fix LTC_MECC_FP
6affa8b
@sjaeckel
Fix potential unsigned underflow.
2258637 
Running the `timing` demo with `LTC_MECC_FP` enabled gave a segfault,
which Valgrind narrowed down to

```
==135594== Invalid read of size 1
==135594==    at 0x49298C: ss_accel_fp_mul2add (ltc_ecc_fp_mulmod.c:1007)
==135594==    by 0x4931C1: ltc_ecc_fp_mul2add (ltc_ecc_fp_mulmod.c:1192)
==135594==    by 0x41C1B2: ecc_verify_hash_internal (ecc_verify_hash_internal.c:114)
==135594==    by 0x41C830: ecc_verify_hash_rfc7518_internal (ecc_verify_hash_rfc7518.c:35)
==135594==    by 0x40340F: time_ecc (timing.c:1031)
==135594==    by 0x402894: main (timing.c:1621)
==135594==  Address 0x20feffeb2f is not stack'd, malloc'd or (recently) free'd
```

The origin being `ltc_mp_unsigned_bin_size(tkb)` returning 0, so y is -1,
but as an unsigned type that's no fun.

Fixed by making y a signed type.

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
@sjaeckel
Fix typo
1f28017 
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
@sjaeckel
Fix ECC FP API.
576258b 
We have to return an error code when working with the mutex API.

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
@sjaeckel
Add CI jobs with ECC FP enabled.
9e1c617 
We replace the PTHREAD job with `ECC_FP+PTHREAD` since PTHREAD is only
relevant for ECC_FP and the PRNG's.

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
@sjaeckel sjaeckel force-pushed the pr/fix-LTC_MECC_FP branch from bdaaba6 to 9e1c617 Compare April 29, 2026 08:55
@sjaeckel sjaeckel merged commit 6e699f9 into develop Apr 29, 2026
0 of 250 checks passed
@sjaeckel sjaeckel deleted the pr/fix-LTC_MECC_FP branch April 29, 2026 08:56
@sjaeckel sjaeckel changed the title fix or drop LTC_MECC_FP fix LTC_MECC_FP Apr 29, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

next

Development

Successfully merging this pull request may close these issues.

2 participants

@karel-m @sjaeckel