mirror of https://git.tartarus.org/simon/putty.git
synced 2025-01-09 17:38:00 +00:00
6520574e58
Thanks to Mark Wooding for explaining the method of doing this. At first glance it seemed _obviously_ impossible to run an algorithm that needs an iteration per factor of 2 in p-1, without a timing leak giving away the number of factors of 2 in p-1. But it's not, because you can do the M-R checks interleaved with each step of your whole modular exponentiation, and they're cheap enough that you can do them in _every_ step, even the ones where the exponent is too small for M-R to be interested in yet, and then do bitwise masking to exclude the spurious results from the final output.
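The interleaving-and-masking idea described in the commit message, as an added illustration that is not PuTTY's own code: a single Miller-Rabin round over a 64-bit modulus that walks every bit of p-1 with a square-and-multiply, runs the "is x == 1" and "is x == p-1" checks on every iteration, and uses constant-time masks (derived from whether the low bits of p-1 below the current position are all zero) to keep only the results from the steps whose exponent is q or q times a power of two. It assumes the GCC/Clang `unsigned __int128` extension for the multiply; the hardware `%` it uses is not itself constant-time, so the example demonstrates the control-flow and masking structure, not a production modular multiplier (PuTTY's real code works on `mp_int` with Montgomery arithmetic).

```c
#include <stdint.h>

/* Constant-time helpers on 64-bit words: results are all-ones or all-zeros,
 * computed without data-dependent branches. */
static uint64_t ct_is_zero(uint64_t x)
{
    /* (x | -x) has its top bit set iff x != 0; invert and spread that bit. */
    return 0 - (((x | (0 - x)) >> 63) ^ 1);
}
static uint64_t ct_eq(uint64_t a, uint64_t b) { return ct_is_zero(a ^ b); }

/* Modular multiply via the 128-bit GCC/Clang extension (assumption; a real
 * implementation would use Montgomery arithmetic, not a hardware %). */
static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t p)
{
    return (uint64_t)(((unsigned __int128)a * b) % p);
}

/* One Miller-Rabin round with base w against odd p > 3, 1 < w < p-1.
 * Returns 1 if w does not prove p composite, 0 if it does.  The loop always
 * walks all 64 bits of p-1 and performs the same operations at every step,
 * so the number of factors of 2 in p-1 is never exposed through control flow. */
unsigned miller_rabin_round_ct(uint64_t p, uint64_t w)
{
    uint64_t pm1 = p - 1;
    uint64_t x = 1;              /* invariant after step i: x == w^((p-1) >> i) */
    uint64_t saw_one = 0;        /* mask: x == 1 at the step whose exponent is q */
    uint64_t saw_minus_one = 0;  /* mask: x == p-1 at a step with exponent q*2^j, j < k */

    for (int i = 63; i >= 0; i--) {
        uint64_t bit = (pm1 >> i) & 1;
        uint64_t sq = mulmod(x, x, p);
        uint64_t prod = mulmod(sq, w, p);
        uint64_t sel = 0 - bit;                 /* keep the multiply only if bit == 1 */
        x = (prod & sel) | (sq & ~sel);

        /* The exponent (p-1)>>i equals q*2^(k-i) exactly when every bit of p-1
         * below position i is zero; that condition is a mask, never a branch. */
        uint64_t in_tail = ct_is_zero(pm1 & ((1ULL << i) - 1));
        uint64_t is_q_step = in_tail & sel;     /* lowest set bit: exponent == q */
        uint64_t not_fermat = 0 - (uint64_t)(i != 0); /* i is public; skip w^(p-1) */

        /* Both checks run on every iteration; the masks discard spurious hits. */
        saw_one |= is_q_step & ct_eq(x, 1);
        saw_minus_one |= in_tail & not_fermat & ct_eq(x, pm1);
    }
    return (unsigned)((saw_one | saw_minus_one) & 1);
}
```

For p = 97 and w = 2 the pass comes from the x == p-1 path (2^12 = 96 mod 97), for p = 7 from the x == 1 path (2^3 = 1 mod 7), while base 2 proves 561 composite and, as expected for a strong pseudoprime, fails to prove 2047 composite.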
- ..
- CMakeLists.txt
- dsa.c
- ecdsa.c
- millerrabin.c
- mpunsafe.c
- mpunsafe.h
- pockle.c
- prime.c
- primecandidate.c
- rsa.c
- smallprimes.c