Module curve25519_dalek::backend::serial::u64::scalar

Arithmetic mod \(2^{252} + 27742317777372353535851937790883648493\) with five \(52\)-bit unsigned limbs.

\(51\)-bit limbs would cover the desired bit range (\(253\) bits), but aren't large enough to reduce a \(512\)-bit number with Montgomery multiplication, so \(52\) bits are used instead. To see that this is safe for intermediate results, note that the largest limb in a \(5\times 5\) product of \(52\)-bit limbs will be

(0xfffffffffffff^2) * 5 = 0x4ffffffffffff60000000000005 (107 bits).
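
The bound above can be checked directly. This is an added example, not code from curve25519-dalek: it builds the nine unreduced columns of a \(5\times 5\) schoolbook product with a widening multiply in the role of `m`, then carry-propagates them. The names `mul_columns`, `max_column_bits` and `carry_propagate` are hypothetical, and the all-ones input is a constructed worst case.

```rust
// Added example (not curve25519-dalek source); function names are hypothetical.
const LIMB_BITS: u32 = 52;
const MASK: u64 = (1u64 << LIMB_BITS) - 1; // 0xfffffffffffff

/// u64 * u64 = u128 widening multiply, in the role of the module's `m` helper.
fn m(x: u64, y: u64) -> u128 {
    (x as u128) * (y as u128)
}

/// Schoolbook 5x5 product: column k accumulates every a[i] * b[j] with i + j == k.
/// Columns are left unreduced, so column 4 holds the sum of five limb products.
fn mul_columns(a: &[u64; 5], b: &[u64; 5]) -> [u128; 9] {
    let mut z = [0u128; 9];
    for i in 0..5 {
        for j in 0..5 {
            z[i + j] += m(a[i], b[j]);
        }
    }
    z
}

/// Bit length of the widest column accumulator.
fn max_column_bits(z: &[u128; 9]) -> u32 {
    z.iter().map(|c| 128 - c.leading_zeros()).max().unwrap_or(0)
}

/// Carry-propagate the columns into ten 52-bit limbs (the full 520-bit product).
fn carry_propagate(z: &[u128; 9]) -> [u64; 10] {
    let mut out = [0u64; 10];
    let mut carry = 0u128;
    for k in 0..9 {
        let t = z[k] + carry; // at most 107 bits plus a small carry: no u128 overflow
        out[k] = (t as u64) & MASK;
        carry = t >> LIMB_BITS;
    }
    out[9] = carry as u64;
    out
}

fn main() {
    let worst = [MASK; 5]; // constructed worst case: every limb is 2^52 - 1
    let z = mul_columns(&worst, &worst);
    println!("widest column: {:#x} ({} bits)", z[4], max_column_bits(&z));
    println!("product limbs: {:x?}", carry_propagate(&z));
}
```

The widest column uses 107 of the 128 available bits, so the accumulators keep 21 bits of headroom for the carries added during propagation.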

Structs

Scalar52

The Scalar52 struct represents an element in \(\mathbb Z / \ell \mathbb Z\) as 5 \(52\)-bit limbs.

Functions

m

u64 * u64 = u128 multiply helper