Huh?! Maybe I missed something but I'm currently not writing any paper
- Do you mean the cswap SSE2 "trick"?
-
Yes. I thought you might be writing a paper after seeing your PRs and after seeing this: https://github.com/bitcoin-core/secp256k1/pull/457 ….
-
It'd be interesting to read a description of the trick. Is it something that is more generally applicable, e.g. to nistz256 or libsecp256k1?
-
Did not know this - thanks for sharing! Will take a look, but from just reading the abstract the SSE2 code could be a countermeasure...
-
Okay, maybe I'll have the time to write a little blogpost/similar about this

-
Looks like Vlad's Go P256 amd64 implementation does something similar: https://github.com/golang/go/blob/master/src/crypto/elliptic/p256_asm_amd64.s#L73 …