Cryptography – How does this field multiplication work in libsecp256k1?

Is this algorithm inspired by an open paper? I can’t follow the reason for the code itself, so any reference would be helpful.

I’m not sure about the “paper”, but there is some official article that goes something like this: modular multiplication. In fact, it’s plentiful. In reality, the implementation in question “simply” exploits the known properties of modular arithmetic.

The specific details are as follows: Here’s a link to the post for the older and somewhat simpler version: secp256k1_fe_mul_inner. This may be sufficient to support more exploration/reverse engineering than is currently possible.

That article also includes links to related modular operations, and I’ll republish them here as a series of nice, concise slides.

(An explanation of the present avatar of secp256k1_fe_mul_inner may have additional value, because it adds some optimizations on top of the basic modular arithmetic. But I think it requires a level of detail and formality well beyond the scope of the current question.)
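The modular-arithmetic property the answer alludes to, as an added example that is not part of the original post and is not libsecp256k1's code: the secp256k1 field prime is p = 2^256 - 2^32 - 977, so 2^256 ≡ 0x1000003D1 (mod p) and the high half of a product can be folded back into the low half with one small multiplication. The 5x52-bit limb layout matches the library's 64-bit field representation; the function names are assumptions, and Python integers hide the carry-width bookkeeping that the C code has to do by hand.

```python
# Added illustration of the reduction idea; not the library's implementation.
P = 2**256 - 2**32 - 977      # secp256k1 field prime
C = 2**32 + 977               # 2^256 ≡ C (mod P); C == 0x1000003D1
LIMB_BITS, N_LIMBS = 52, 5    # 5 limbs of 52 bits cover 260 bits
MASK = (1 << LIMB_BITS) - 1

def to_limbs(x):
    """Split an integer below 2^260 into 5 little-endian 52-bit limbs."""
    return [(x >> (LIMB_BITS * i)) & MASK for i in range(N_LIMBS)]

def from_limbs(limbs):
    """Recombine limbs; also accepts limbs wider than 52 bits."""
    return sum(l << (LIMB_BITS * i) for i, l in enumerate(limbs))

def fe_mul(a, b):
    """Return the limbs of a*b mod P for two 5x52 limb lists."""
    # 1. Schoolbook product: column k collects every a[i]*b[j] with i+j == k.
    cols = [0] * (2 * N_LIMBS - 1)
    for i in range(N_LIMBS):
        for j in range(N_LIMBS):
            cols[i + j] += a[i] * b[j]
    # 2. Fold the high columns. Column k >= 5 has weight
    #    2^(52k) = 2^260 * 2^(52(k-5)), and 2^260 = 16 * 2^256 ≡ 16*C (mod P).
    for k in range(N_LIMBS, 2 * N_LIMBS - 1):
        cols[k - N_LIMBS] += cols[k] * (C << 4)
    v = from_limbs(cols[:N_LIMBS])
    # 3. Whatever still sits at or above bit 256 is folded again with C.
    #    Each pass strictly shrinks v, so the loop terminates.
    while v >> 256:
        v = (v & (2**256 - 1)) + (v >> 256) * C
    # 4. v is now below 2^256 < 2P, so one conditional subtraction
    #    gives the canonical representative.
    if v >= P:
        v -= P
    return to_limbs(v)

def mul_mod(x, y):
    """Convenience wrapper: integers in, integer out."""
    return from_limbs(fe_mul(to_limbs(x), to_limbs(y)))

if __name__ == "__main__":
    # Constructed inputs: (P-1)^2 ≡ 1 and 2^255 * 2 = 2^256 ≡ C (mod P).
    print(mul_mod(P - 1, P - 1), hex(mul_mod(2**255, 2)))
```
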
