On Wed, 4 Mar 2026 18:46:59 GMT, Shawn Emery <[email protected]> wrote:
>> This implementation changes the limb size of X25519 from 10 x 26 bits to 5 x
>> 51 bits in order to take advantage of performance gains from a reduction in
>> the number of limb operations.
>>
>> Performance gains were observed from the key generation/agreement,
>> encapsulation, and decapsulation benchmarks for both aarch64 with 49-54%
>> gains (hybrid: 41-51%) and x86_64 with 50% gains (hybrid: 27-38%).
>>
>> Thank you @ferakocz for their help in working through the early stages of
>> this code with me.
>
> Shawn Emery has updated the pull request incrementally with one additional
> commit since the last revision:
>
> Optimize multByInt() method
src/java.base/share/classes/sun/security/util/math/intpoly/IntegerPolynomial25519.java
line 105:
> 103: */
> 104: @Override
> 105: protected void multByInt(long[] a, long b) {
Probably we should gain some more speed by special casing b = 2, 3 and 4 (by
just shifting (+ adding) all limb values before the reduce() call.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/29981#discussion_r2890239450
