Re: mp_montgomery_reduce Bug?

On Tue, 25 Jan 2011 12:25:30 -0800 (PST), dilloD <duat66@xxxxxxxxx>
wrote:

I think I'm doing something wrong.

Here is another hint to your problem. If you use ConvertIn as
suggested in my previous post and run this complete test program

#include "integer.h"
#include "modarith.h"
#include <iostream>

USING_NAMESPACE(std)
USING_NAMESPACE(CryptoPP)

int main(void) {
Integer modulo = Integer("90FADE67h");
MontgomeryRepresentation m = MontgomeryRepresentation(modulo);
Integer r = m.ConvertIn(0x70F98E5E);
//Integer r = 0x70F98E5E gives spurious Montgomery representative
Integer s = m.Square(r);
cout << "\nmodulo = " << hex << modulo;
cout << "\nr = " << hex << r;
cout << "\ns = " << hex << s;
return (0);
}

then you get the output:

modulo = 90fade67h
r = 1e55bcbfh
s = 4d10cb18h

With N=90fade67h and a=70f98e5eh, the value s = 4d10cb18h is identical
to a^2*2^64 mod N, therefore Crypto++ is obviously using R=2^64 on my
system (BTW: r = 1e55bcbfh = a*2^64 mod N).

Summary: Both Crypto++ and MPArith work as expected, but you forgot to
convert into Montgomery representation.

Wolfgang

.