Got stuck with Ed25519
Werner Koch
wk at gnupg.org
Wed Sep 11 09:35:01 CEST 2013
On Wed, 11 Sep 2013 02:44, gniibe at fsij.org said:
> Besides, it seems to me that mpi-pow.c has a bug when it is called
> with negative base and expo is even (result is positive). I don't
> test it though.
I first thought the same but actually the sign is implementation-
defined. http://en.wikipedia.org/wiki/Modulo_operation has a table
describing this. We should not change that because that would be an ABI
change. Instead I cleared the sign in ec_powm.
> - "-0x01",
> - "-0x98412DFC9311D490018C7338BF8688861767FF8FF5B2BEBE27548A14B235EC8FEDA4",
> + "0x1db42",
> + "0x1db41",
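Review bot: both removed vectors ("-0x01" and the long "-0x98...") are negative values and both replacements ("0x1db42", "0x1db41") are positive, so this quoted change drops the only negative-operand cases from the set; keep at least one negative vector alongside the new ones so the sign handling discussed in this thread stays covered by the test.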
Right, you could get that impression from the paper. However, another
paper describes tricks to improve the performance and there it is better
that A is -1 despite that you will have a long D.
The whole EC stuff is pretty interesting but requires a lot of reading.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
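The sign question raised in the reply above (that the residue of a reduction with a negative operand is implementation-defined, and that ec_powm therefore clears the sign) can be seen with a small square-and-multiply exponentiation run under two division conventions. This is an added illustration, not libgcrypt's mpi-pow.c or ec_powm code; the function names trunc_mod, floor_mod, canonical and powm are assumptions chosen for this example, and the test values are constructed.

```python
# Added example, not libgcrypt code. Shows why a modular exponentiation
# that carries the sign of a negative base through its reductions must
# canonicalise its result before the value is compared or serialised.

def trunc_mod(a, m):
    # Truncated division (C99 '%'): remainder takes the sign of the dividend.
    r = abs(a) % abs(m)
    return -r if a < 0 else r

def floor_mod(a, m):
    # Floored division (Python '%'): remainder takes the sign of the divisor.
    return a % m

def canonical(r, m):
    # Map any representative of a residue class to the range [0, |m|).
    # This is the "clear the sign" step applied after exponentiation.
    return r % abs(m)

def powm(base, exp, mod, reduce):
    # Right-to-left square-and-multiply; every product is reduced with the
    # supplied convention, so the sign of intermediate values depends on it.
    if exp < 0 or mod == 0:
        raise ValueError("exponent must be >= 0 and modulus non-zero")
    result = 1
    base = reduce(base, mod)
    while exp > 0:
        if exp & 1:
            result = reduce(result * base, mod)
        base = reduce(base * base, mod)
        exp >>= 1
    return result

def conventions_agree_after_canonicalisation(limit, mod):
    # Constructed check: for every base in [-limit, limit] and small exponent,
    # the truncated and floored results differ in sign at times but are the
    # same residue once canonicalised, and match Python's built-in pow().
    for b in range(-limit, limit + 1):
        for e in range(0, 6):
            t = canonical(powm(b, e, mod, trunc_mod), mod)
            f = canonical(powm(b, e, mod, floor_mod), mod)
            if not (t == f == pow(b, e, mod)):
                return False
    return True

if __name__ == "__main__":
    # (-3)^3 = -27, and -27 mod 7 is the residue 1; the truncated convention
    # reports it as -6 until the sign is cleared.
    print(powm(-3, 3, 7, trunc_mod))             # -6
    print(powm(-3, 3, 7, floor_mod))             # 1
    print(canonical(powm(-3, 3, 7, trunc_mod), 7))  # 1
    print(conventions_agree_after_canonicalisation(20, 7))  # True
```

The reduction function is a parameter so that the same exponentiation loop can be run under either convention; the point is that neither result is wrong as a representative of the residue class, which is why the reply argues the library's convention must not change (an ABI matter) and the caller normalises instead.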