[Verse-dev] v_bignum.c and 64-bit processors

Emil Brink emil at obsession.se
Thu May 12 11:23:47 CEST 2005


On Fri, 6 May 2005 13:01:14 +0300 (EEST)
Samuel Siltanen <saasilta at cc.hut.fi> wrote:

> I found a bug in v_bignum.c, which causes the encryption key
> generation to last extremely long on 64-bit architecture (such as AMD
> Athlon64). In such architectures long ints and addresses are 64 bits
> long instead of 32 bits. That is why the encryption key generation
> times are orders of magnitude longer than on 32-bit architecture (I
> guess exactly 2^32 times longer), which is too long.

As you know, I looked into this while in Darmstadt. My conclusion while
there was "the entire bignum module is broken", but I'm not sure if that
was actually true.

I tend to forget the limitations of some of the bignum operations over
time; they're meant for prime-number generation and RSA encryption, and
are not always generally useful. I *think* this is what confused me;
with random test data, some operations fail since such data doesn't
meet the input requirements. The routines don't complain, for speed
reasons.

Anyway, I've removed use of "unsigned long" altogether, it's now
done with "unsigned ints" on all platforms. Also, I abstracted the
actual type out, there's now a VBigDigs typedef in v_bignum.h, that
represents a pair of digits.

In theory, a 64-bit machine should be able to run with a 32-bit
VBigDig and a 64-bit VBigDigs (these are 16/32 on 32-bit CPUs), but
there are still some assumptions in v_bignum.c that will break if
you try that, so please don't.

Please, however, do check that it works now, with the new typedef in
place. Update your Verse CVS repository, making sure you're using
the HEAD and not a branch (R5 development was moved to the HEAD
a couple of weeks ago).

Then do this:

~> gcc -DCRYPTALONE -o crypt v_encryption.c v_prime.c v_bignum.c v_pack.c

This builds a standalone version of the encryption module and its
dependencies. Once that's done, you can run the simple self-test:

~> ./crypt

You should get output like this:

testing RSA-crypto
key pair generated, encrypting something
plain: 54 (62)
plain: 54, cipher: 50
decoded: 54: 'This is some text to encrypt, to give it something to chew on.'

If you don't, then something is *really* broken, and I would love to
hear about it. Actually, I'd love to hear about it if it works, too.

There, I hope this clears this up somewhat.

Regards,

/Emil
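
Added illustration, not part of the original message and not Verse's code: a digit-by-digit multiply where the digit and digit-pair widths are pinned, so the carry arithmetic behaves the same on 32-bit and 64-bit builds. The names VBigDig and VBigDigs come from the message; the fixed-width 16/32-bit definitions, `big_mul_digit` and `demo_worst_case` are assumptions made for this sketch.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed definitions: the message only says VBigDigs is "a pair of digits". */
typedef uint16_t VBigDig;   /* one digit */
typedef uint32_t VBigDigs;  /* a pair of digits: holds digit*digit + carry */

#define DIG_BITS (sizeof(VBigDig) * CHAR_BIT)

/* Fail the build, not the key generation, if the widths ever drift apart. */
_Static_assert(sizeof(VBigDigs) == 2 * sizeof(VBigDig),
               "VBigDigs must be exactly two digits wide");

/* x[0..n-1] (least significant digit first) *= m; returns the carry-out digit. */
VBigDig big_mul_digit(VBigDig *x, size_t n, VBigDig m)
{
    VBigDigs carry = 0;
    for (size_t i = 0; i < n; i++) {
        /* Worst case 0xFFFF * 0xFFFF + 0xFFFF = 0xFFFF0000 still fits. */
        VBigDigs t = (VBigDigs)x[i] * m + carry;
        x[i] = (VBigDig)t;        /* low digit stays in place */
        carry = t >> DIG_BITS;    /* high digit moves to the next position */
    }
    return (VBigDig)carry;
}

/* Constructed sample: 0xFFFFFFFF * 0xFFFF, packed into one 64-bit value. */
uint64_t demo_worst_case(void)
{
    VBigDig x[2] = { 0xFFFF, 0xFFFF };
    VBigDig top = big_mul_digit(x, 2, 0xFFFF);
    return ((uint64_t)top << 32) | ((uint64_t)x[1] << 16) | x[0];
}

int main(void)
{
    /* unsigned long is the type whose width changes between platforms. */
    printf("unsigned long: %zu bits, VBigDigs: %zu bits\n",
           sizeof(unsigned long) * CHAR_BIT, sizeof(VBigDigs) * CHAR_BIT);
    printf("0xFFFFFFFF * 0xFFFF = 0x%llx\n",
           (unsigned long long)demo_worst_case());
    return 0;
}
```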