Cryptography – How does this field multiplication work in libsecp256k1?
Is this algorithm inspired by an open paper? I can’t follow the reason for the code itself, so any reference would be helpful.
I’m not sure about a “paper”, but there are official articles on topics such as modular multiplication. In fact, they are plentiful. In reality, the implementation in question “simply” exploits the known properties of modular arithmetic.
The specific details are as follows: Here’s a link to the post for the older and somewhat simpler version: secp256k1_fe_mul_inner
This may be sufficient to support more exploration/reverse engineering than is currently possible.
That article also includes links to related modular operations, and I’ll republish them here as a series of nice, concise slides.
(An explanation of the present incarnation of secp256k1_fe_mul_inner may have additional value, because it adds some optimizations on top of the basic modular arithmetic. But I think it requires a level of detail and formality well beyond the scope of the current question.)
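The modular-arithmetic property the answer refers to, as an added example that is not part of the original answer and is not libsecp256k1's code: the secp256k1 prime is p = 2^256 - 2^32 - 977, so 2^256 ≡ 2^32 + 977 (mod p) and the high half of a product folds into the low half with one small multiplication. The sketch uses the 5x52-bit limb layout of the library's 64-bit field code; the function names and the simplified carry loop are this example's own assumptions.

```python
# Added illustration, not libsecp256k1 code; all names here are hypothetical.
P = 2**256 - 2**32 - 977        # secp256k1 field prime
LIMB_BITS = 52                  # 5 limbs x 52 bits = 260 bits
MASK = (1 << LIMB_BITS) - 1
R = (1 << 260) % P              # 2^260 mod p = 16 * (2^32 + 977) = 0x1000003D10

def to_limbs(x):
    """Split an integer below 2^260 into five 52-bit limbs, least significant first."""
    return [(x >> (LIMB_BITS * i)) & MASK for i in range(5)]

def from_limbs(limbs):
    return sum(l << (LIMB_BITS * i) for i, l in enumerate(limbs))

def fe_mul(x, y):
    """Return x*y mod P without ever dividing by P."""
    a, b = to_limbs(x), to_limbs(y)
    # Schoolbook product: column k collects every a[i]*b[j] with i + j == k.
    cols = [0] * 9
    for i in range(5):
        for j in range(5):
            cols[i + j] += a[i] * b[j]
    # Column k >= 5 has weight 2^(260 + 52*(k-5)). Because 2^260 ≡ R (mod p),
    # it folds into column k-5 after multiplication by the small constant R.
    low = [cols[k] + R * cols[k + 5] for k in range(4)] + [cols[4]]
    # Carry propagation. Overflow out of limb 4 again has weight 2^260,
    # so it re-enters limb 0 multiplied by R. Each pass preserves the value mod p.
    while True:
        carry = 0
        for k in range(5):
            low[k] += carry
            carry = low[k] >> LIMB_BITS
            low[k] &= MASK
        if carry == 0:
            break
        low[0] += carry * R
    # Final step: fold bits 256..259 with 2^256 ≡ 2^32 + 977, then one
    # conditional subtraction gives the canonical representative.
    v = from_limbs(low)
    v = (v & (2**256 - 1)) + (v >> 256) * (2**32 + 977)
    return v - P if v >= P else v

if __name__ == "__main__":
    # Constructed sample inputs, checked against Python's own big-integer modulo.
    x, y = P - 2, 2**255 + 0x1234567890ABCDEF
    print(hex(fe_mul(x, y)), fe_mul(x, y) == (x * y) % P)
```

The library's C code interleaves the folding with the column sums so every intermediate fits in a 128-bit accumulator; Python's unbounded integers let this sketch separate the steps for readability.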