| Commit message (Collapse) | Author | Age | |
|---|---|---|---|
| * | Changed [auto]s to [eauto]s in ModularBaseSystemProofs for 8.5 compatibility. |  jadep | 2016-07-07 |
| | | |||
| * | Merged changes, including new ZUtil conventions. | jadep | 2016-07-06 |
| |\ | |||
| * | | Factored out some proofs that rely only on base being powers of two, and ↵ | jadep | 2016-07-06 |
| | | | | | | | | | defined conversion between two such bases. This will allow conversion between the pseudomersenne base representation and the wire format. Also relocated some lemmas to Util. | ||
| | * | Implement and prove Barrett reduction on Z (#18) |  Jason Gross | 2016-07-03 |
| | | | | | | | | | | | | | | | | | Implement and prove Barrett reduction on Z This will serve as the high-level algorithm for modular reduction. We follow Wikipedia very closely, except where we can do better (I believe @jadephilipoom is updating Wikipedia). | ||
| | * | Make ZUtil more uniform |  Jason Gross | 2016-07-02 |
| | | | | | | | | | | | | | | | | | The standard library uses Z.*, and Z* and Z_* are compatibility notations. We follow suit. Also, eliminate a few lemmas that are duplicates of ones in the standard library. | ||
| * | | added and proved shift/or decode operation 'decode_bitwise' | jadep | 2016-06-30 |
| | | | |||
| * | | encode operation in ModularBaseSystem now uses bitwise operators, taking ↵ | jadep | 2016-06-29 |
| | | | | | | | | | advantage of the fact that base elements are required to be powers of 2 | ||
| * | | BaseSystem encode function is no longer naive; it does a mod/div loop rather ↵ | jadep | 2016-06-28 |
| |/ | | | | than sticking the value of the Z input in the first digit. The condition that c is positive has been added to PseudoMersenneBaseParams--it is necessary for this encode and for canonicalization, for which it was previously a section variable. | ||
| * | Aggregate all level specifications not in Spec/* | Jason Gross | 2016-06-22 |
| | | | | | | This prevents notation conflicts (see comment in Notations.v for more explanation). | ||
| * | remove trailing whitespace from src/ |  Andres Erbsen | 2016-06-20 |
| | | |||
| * | Merge branch 'field-experiment' | Andres Erbsen | 2016-06-20 |
| |\ | | | | | | | includes broken files to be removed in next commit | ||
| | * | [F q] is [Algebra.field] | Andres Erbsen | 2016-06-20 |
| | | | |||
| | * | port CompleteEdwardsCurve.ExtendedCoordinates, make [field_algebra] try ↵ | Andres Erbsen | 2016-06-18 |
| | | | | | | | | | fewer nonzero ports. remove FField and FNsatz | ||
| * | | Canonicalization is now automated in GF25519 and added to GF1305. | jadep | 2016-06-17 |
| | | | |||
| * | | Specific version of freeze for GF25519 (automation still needs a little work) | jadep | 2016-06-17 |
| | | | |||
| | * | move nsatz out of algebra, improve algebra, port CompleteEdwardsCurveTheorems | Andres Erbsen | 2016-06-17 |
| | | | |||
| | * | Z is integral domain | Andres Erbsen | 2016-06-16 |
| | | | |||
| * | | PseudoMersenneBaseRep.mul now carries by default (made possible by strictly ↵ | jadep | 2016-06-15 |
| | | | | | | | | | base-length digit vectors) | ||
| * | | changed representation definition to require digits vector to be the exact ↵ | jadep | 2016-06-15 |
| | | | | | | | | | length of the base vector | ||
| * | | Added canonicalization to ModularBaseSystemOpt. | jadep | 2016-06-15 |
| | | | |||
| * | | Merge | jadep | 2016-06-14 |
| |\ \ | |||
| * | | | Finished admits for canonicalization proofs. | jadep | 2016-06-14 |
| | | | | |||
| * | | | reversed modulus_digits and proved a few admits | jadep | 2016-06-13 |
| | | | | |||
| * | | | progress on second stage (conditional constant-time subtraction) of ↵ | jadep | 2016-06-13 |
| | | | | | | | | | | | | | canonicalization proofs | ||
| | * | | More Coq 8.4pl2 fixes |  Jason Gross | 2016-06-11 |
| | | | | |||
| * | | | starting rewrite using different definition of map | jadep | 2016-06-11 |
| | |/ |/| | |||
| | * | More changes for 8.5 | Jason Gross | 2016-06-10 |
| | | | | | | | | | [Local Coercion :=] changed meanings. Use [Let] and [Local Coercion] for consistent behavior | ||
| | * | 8.5 fixes | Jason Gross | 2016-06-10 |
| |/ | |||
| * | Merge branch 'master' of github.mit.edu:plv/fiat-crypto | jadep | 2016-05-25 |
| |\ | |||
| | * | PrimeFieldTheorems fermat inverse lemma: prove admit | Andres Erbsen | 2016-05-24 |
| | | | |||
| * | | First stage of canonicalization proofs complete; proved 3 carry loops reduce ↵ | jadep | 2016-05-20 |
| | | | | | | | | | input digits to their minimal widths. Remaining : name fixes and second stage -- proving that we subtract q iff the reduced input is over q (in the range [2^k-c, 2^k-1]) | ||
| | * | F: pow_nat_iter_op_correct | Andres Erbsen | 2016-05-18 |
| | | | |||
| | * | F: fermat inversion lemma refactor | Andres Erbsen | 2016-05-18 |
| |/ | |||
| * | Implemented subtraction mod q as as (sub a b = sub (add a (2*q)) b) to avoid ↵ | jadep | 2016-05-09 |
| | | | | | unsigned integer underflow. Also changed rep in Specific proofs so that it is PseudoMersenneBaseRep.rep rather than ModularBaseSystem.rep; these are equivalent but the first is the abstraction level we want. | ||
| * | Cleanup: mostly moving lemmas to Util files, some moving lemmas to more ↵ | jadep | 2016-04-28 |
| | | | | | general contexts. | ||
| * | refactor field lemmas out of ed25519 | Andres Erbsen | 2016-04-25 |
| | | |||
| * | automated most of the code in GF25519 | jadep | 2016-04-21 |
| | | |||
| * | Cleanup of GF25519 | jadep | 2016-04-20 |
| | | |||
| * | Pulled generalized code out of GF25519 so that it can be used for other moduli | jadep | 2016-04-20 |
| | | |||
| * | moved lemmas from ModularBaseSystemProofs to various Util files | jadep | 2016-04-20 |
| | | |||
| * | Add a tactic for field inequalities | Jason Gross | 2016-04-19 |
| | | | | | | Pair programming with Andres, a better proof of unifiedAddM1'_rep, some progress on twistedAddAssoc. | ||
| * | Merge and refactor of GF25519 | jadep | 2016-04-11 |
| | | |||
| * | Merge branch 'master' of github.mit.edu:plv/fiat-crypto | jadep | 2016-03-30 |
| |\ | |||
| | * | Ed25519: d is nonsquare | Andres Erbsen | 2016-03-20 |
| | | | |||
| * | | made BaseVector instance global |  Jade Philipoom | 2016-03-20 |
| | | | |||
| * | | refactor of Basesystem and ModularBaseSystem; includes general code ↵ | Jade Philipoom | 2016-03-20 |
| | | | | | | | | | organization and changes to pseudomersenne base parameters that require bases to be expressed as powers of 2, which reduces the burden of proof on the caller and allows carry functions to use bitwise operations rather than mod and division | ||
| * | | Refactored BaseSystem and ModularBaseSystem. | Jade Philipoom | 2016-03-11 |
| | | | |||
| | * | Finish absolutizing imports | Jason Gross | 2016-03-10 |
| | | | | | | | | | | | | | | | | | | | | | | | | | The file coqprime/Coqprime/ListAux.v was importing List, which was confusing machines on which mathclasses was also installed. Using https://github.com/JasonGross/coq-tools ```bash make -kj10 cd src git ls-files "*.v" | xargs python ~/Documents/repos/coq-tools/absolutize-imports.py -i -R . Crypto ``` | ||
| | * | Use [rewrite] rather than [change] to speed up Qed | Jason Gross | 2016-03-08 |
| |/ | | | | | | | | | | | | | [Opaque] tells kernel unification to defer unfolding a constant as long as possible. This is not a problem for [change], when the functions are small and directly convertible. It's disastrous for [Qed]/[Defined], which (if I understand correctly) try to unify [Opaquemul x' y'] with [mul x y] by fully unfolding [mul] and [x] and [y] before trying to unfold [Opaquemul]; when [x] and [y] are large, this takes a very long time. Rewrite avoids this by telling Coq *how* to unify [Opaquemul x' y'] with [mul x y] (namely, by unifying [Opaquemul] with [mul], and then [x] with [x'] and [y] with [y']). | ||
| * | CompleteEdwardsCurveTheorems: associativity proof that times out on Qed | Andres Erbsen | 2016-03-03 |
| | | |||
 |
index : fiat-crypto | |
| fast, formally verified cryptography |
| aboutsummaryrefslogtreecommitdiff |