Comment on Shanks-Tonelli reference.

author Niels Möller <nisse@lysator.liu.se>

Fri, 11 Jul 2014 20:56:24 +0000 (22:56 +0200)

committer Niels Möller <nisse@lysator.liu.se>

Fri, 11 Jul 2014 20:56:24 +0000 (22:56 +0200)
author Niels Möller <nisse@lysator.liu.se>
Fri, 11 Jul 2014 20:56:24 +0000 (22:56 +0200)
committer Niels Möller <nisse@lysator.liu.se>
Fri, 11 Jul 2014 20:56:24 +0000 (22:56 +0200)
diff --git a/ecc-25519.c b/ecc-25519.c

index 25eeed9901779e6c3865399541b7552064373677..51414a309a6ffe7bda8abd4cc458c9f7b7a39748 100644 (file)
--- a/ecc-25519.c
+++ b/ecc-25519.c
@@ -60,6 +60,10 @@ ecc_25519_modp(const struct ecc_curve *ecc UNUSED, mp_limb_t *rp)
      + sec_add_1 (rp, rp, ECC_LIMB_SIZE - 1, 19 * cy);
  }
  
+/* We'll also need square roots, see
+   http://www.math.vt.edu/people/brown/doc/sqrts.pdf for a description
+   of Shanks-Tonelli. The needed quadratic non-residue is 3. */
+
  const struct ecc_curve nettle_curve25519 =
  {
    255,
author	Niels Möller <nisse@lysator.liu.se>
	Fri, 11 Jul 2014 20:56:24 +0000 (22:56 +0200)
committer	Niels Möller <nisse@lysator.liu.se>
	Fri, 11 Jul 2014 20:56:24 +0000 (22:56 +0200)