Implement techniques from 2020/1507 eprint?

Question

Implement techniques from 2020/1507 eprint?

Closed this issue 3 years ago · 5 comments

tarcieri commented 3 years ago

Interesting paper which contains techniques for improving both key generation and inversion-free RSA-CRT:

https://eprint.iacr.org/2020/1507

Answer 1 · 2021-06-21T16:04:33.000Z

Section 8 "Some of these techniques may be covered by US and/or international patents."

☢️

Answer 2 · 2021-06-21T16:13:57.000Z

@randombit aah, unfortunate

Answer 3 · 2021-06-21T16:35:35.000Z

I'll go ahead and close this issue then. We can potentially revisit it if the IPR situation clears up somehow (e.g. perpetual royalty-free license or thereabouts granted by the relevant patent holders)

Answer 4 · 2021-06-21T20:29:57.000Z

@randombit do you have any specific recommendations for non-patented optimizations we can do instead? I see you have a semi-related post: https://randombit.net/bitbashing/posts/modular_inversion_using_crt.html

I'm also trying to consolidate our big integer code and associated algorithm implementations into the crypto-bigint crate (I mostly work on our ECC implementations) and am tracking some of the algorithms we should potentially implement here: https://github.com/RustCrypto/utils/issues/453

Answer 5 · 2021-06-25T12:11:50.000Z

TBH I'm not totally familiar with what this crate (and the num-bigint fork) are doing so it's hard to say anything concrete. My general impression is that the best approach for RSA is the "Smooth RSA-CRT" of https://eprint.iacr.org/2007/039. IIRC this is what BoringSSL uses.