summaryrefslogtreecommitdiffhomepage
path: root/libs/luci-lib-nixio/axTLS/ssl/BigIntConfig.in
blob: 04c7438c079b9dff5c0b9325ae85e4a49f1a458a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
#
# For a description of the syntax of this configuration file,
# see scripts/config/Kconfig-language.txt
#

menu "BigInt Options"
    depends on !CONFIG_SSL_SKELETON_MODE

choice
    prompt "Reduction Algorithm"
    default CONFIG_BIGINT_BARRETT 

config CONFIG_BIGINT_CLASSICAL
    bool "Classical"
    help
        Classical uses standard division. It has no limitations and is
        theoretically the slowest due to the divisions used. For this particular
        implementation it is surprisingly quite fast.

config CONFIG_BIGINT_MONTGOMERY
    bool "Montgomery"
    help
        Montgomery uses simple addition and multiplication to achieve its
        performance. In this implementation it is slower than classical, 
        and it has the limitation that 0 <= x, y < m, and so is not used 
        when CRT is active.

        This option will not be normally selected.

config CONFIG_BIGINT_BARRETT
    bool "Barrett"
    help
        Barrett performs expensive precomputation before reduction and partial
        multiplies for computational speed. It can't be used with some of the
        calculations when CRT is used, and so defaults to classical when this
        occurs.

        It is about 40% faster than Classical/Montgomery with the expense of
        about 2kB, and so this option is normally selected.

endchoice

config CONFIG_BIGINT_CRT
    bool "Chinese Remainder Theorem (CRT)"
    default y
    help 
        Allow the Chinese Remainder Theorem (CRT) to be used.

        Uses a number of extra coefficients from the private key to improve the
        performance of a decryption. This feature is one of the most 
        significant performance improvements (it reduces a decryption time by 
        over 3 times).

        This option should be selected.

config CONFIG_BIGINT_KARATSUBA
    bool "Karatsuba Multiplication"
    default n
    help
        Allow Karasuba multiplication to be used.
 
        Uses 3 multiplications (plus a number of additions/subtractions) 
        instead of 4. Multiplications are O(N^2) but addition/subtraction 
        is O(N) hence for large numbers is beneficial. For this project, the 
        effect was only useful for 4096 bit keys. As these aren't likely to 
        be used, the feature is disabled by default. 
        
        It costs about 2kB to enable it.

config MUL_KARATSUBA_THRESH
    int "Karatsuba Multiplication Theshold"
    default 20
    depends on CONFIG_BIGINT_KARATSUBA
    help
        The minimum number of components needed before Karasuba muliplication
        is used.
 
        This is very dependent on the speed/implementation of bi_add()/
        bi_subtract(). There is a bit of trial and error here and will be
        at a different point for different architectures.

config SQU_KARATSUBA_THRESH
    int "Karatsuba Square Threshold"
    default 40
    depends on CONFIG_BIGINT_KARATSUBA && CONFIG_BIGINT_SQUARE
    help    
        The minimum number of components needed before Karatsuba squaring
        is used.
 
        This is very dependent on the speed/implementation of bi_add()/
        bi_subtract(). There is a bit of trial and error here and will be
        at a different point for different architectures.

config CONFIG_BIGINT_SLIDING_WINDOW
    bool "Sliding Window Exponentiation"
    default y
    help
        Allow Sliding-Window Exponentiation to be used.
 
        Potentially processes more than 1 bit at a time when doing 
        exponentiation. The sliding-window technique reduces the number of 
        precomputations compared to other precomputed techniques.

        It results in a considerable performance improvement with it enabled
        (it halves the decryption time) and so should be selected.

config CONFIG_BIGINT_SQUARE
    bool "Square Algorithm"
    default y
    help
        Allow squaring to be used instead of a multiplication.
 
        Squaring is theoretically 50% faster than a standard multiply 
        (but is actually about 25% faster). 

        It gives a 20% speed improvement and so should be selected.

config CONFIG_BIGINT_CHECK_ON
    bool "BigInt Integrity Checking"
    default n if !CONFIG_DEBUG
    default y if CONFIG_DEBUG
    help
        This is used when developing bigint algorithms. It performs a sanity
        check on all operations at the expense of speed.
        
        This option is only selected when developing and should normally be
        turned off.

endmenu