1. On the edge of Curve25519 (safegcd256 for 32-bit machine)

    19 x 31 = 589 >= 587

    I implemented safegcd256 for Gnuk. It uses signed 31-bit integers, and it does 19 iterations for p = 2**255 - 19.

    Modular inversion

    In the computation of X25519, we need to compute the modular inversion at the last step to get the value of x in …

  2. Installing Debian Bookworm

    Second-hand PC, Dell OptiPlex

    I installed Debian Bookworm on this machine. It took half a day.

    I use a USB Bluetooth dongle (0a12:0001) with this machine.

    Comments on Bookworm

    Mostly, the installation procedure and the configuration for Bookworm were the same as for my installation of Buster.

    In the …

  3. Experiments with Gomti

    Running the RNG to evaluate the output

    In the Gomti collection, there are a few Verilog implementations for multiple targets. Currently, those implementations are under evaluation.

    The RNG is the "bare" version, with no conditioning component. That is, in the actual use case, it is assumed that adding a conditioning component after …

  4. Gomti, the collection of rational numbers (continued)

    Asynchronous RNG output

    The first and second entries are designed so that all components are clocked by CLK. These are straightforward. However, the parameter Kd can be even, which makes the sensitivity to jitter poor.

    Another variant is possible, allowing Kd to be odd. It is …
