hF2-0.1: F(2^e) math for cryptography

MaintainerMarcel Fourné (hecc@bitrot.dyndns.org)
Safe HaskellSafe-Infered



A timing attack resistant F(2^e) backend, all operations on little-endian data in unboxed bit vectors



add :: F2 -> F2 -> F2Source

binary addition of a and b

shift :: F2 -> Int -> F2Source

a simple bitshift where n shifts right, a negative n shifts left

mul :: F2 -> F2 -> F2Source

binary multiplication of a and b

reduceBy :: F2 -> F2 -> F2Source

polynomial reduction of a via r

pow :: F2 -> F2 -> F2Source

the power function, b ^ k, using Montgomery ladder and some low-k hardcoding against overheads

fromInteger :: Integer -> F2Source

conversion helper function

toInteger :: F2 -> IntegerSource

conversion helper function

length :: F2 -> IntSource

the length of an F(2^e)

even :: F2 -> BoolSource

is the number even? The last bit decides...

odd :: F2 -> BoolSource

is the number odd? The last bit decides...

div :: F2 -> F2 -> F2 -> F2Source

computing k/f mod m by binary inversion of f in m

bininv :: F2 -> F2 -> F2Source