Module curve25519_dalek::backend::serial::u64::scalar

[−] Expand description

Arithmetic mod $2^{252} + 27742317777372353535851937790883648493$ with five $52$-bit unsigned limbs.

$51$-bit limbs would cover the desired bit range ($253$ bits), but isn't large enough to reduce a $512$-bit number with Montgomery multiplication, so $52$ bits is used instead. To see that this is safe for intermediate results, note that the largest limb in a $5\times 5$ product of $52$-bit limbs will be

(0xfffffffffffff^2) * 5 = 0x4ffffffffffff60000000000005 (107 bits).

Structs

Scalar52

The Scalar52 struct represents an element in $\mathbb Z / \ell \mathbb Z$ as 5 $52$-bit limbs.

Functions

m	u64 * u64 = u128 multiply helper