--- Day changed Tue Nov 07 2017
00:02 -!- zmanian [sid113594@gateway/web/irccloud.com/x-llzjygpgsoieecax] has quit [Ping timeout: 255 seconds]     
00:05 -!- zmanian [sid113594@gateway/web/irccloud.com/x-fdforvhxbqifxdhk] has joined #secp256k1     
03:47 -!- xinxi [~xinxi@39.109.214.22] has joined #secp256k1     
03:52 -!- jtimon [~quassel@164.31.134.37.dynamic.jazztel.es] has quit [Ping timeout: 268 seconds]     
04:58 -!- SopaXorzTaker [~SopaXorzT@unaffiliated/sopaxorztaker] has joined #secp256k1     
08:01 -!- jtimon [~quassel@164.31.134.37.dynamic.jazztel.es] has joined #secp256k1     
10:49 -!- xinxi [~xinxi@39.109.214.22] has quit [Remote host closed the connection]     
10:50 -!- xinxi [~xinxi@39.109.214.22] has joined #secp256k1     
11:06 -!- SopaXorzTaker [~SopaXorzT@unaffiliated/sopaxorztaker] has quit [Remote host closed the connection]     
17:27 -!- arubi [~ese168@gateway/tor-sasl/ese168] has quit [Ping timeout: 248 seconds]     
17:28 -!- arubi [~ese168@gateway/tor-sasl/ese168] has joined #secp256k1     
17:57 < TD-Linux> https://community.arm.com/processors/b/blog/posts/introducing-2017s-extensions-to-the-arm-architecture#dataindependenttiming
18:01 < andytoshi> very cool
18:04 < andytoshi> i wonder about constant power
21:11 < gmaxwell> andytoshi: so say you want to compute a scalar product  x_0^a_0 * x_1^a_1 * x_2^a_2 * ...  where a_n is in -1, 1  for the 2^n combinations of a_n values... then I think there is a more efficient ladder for this than naieve, but it breaks batch inversion.
21:15 < gmaxwell> e.g. say for 4 of them,  compute x_0 * x_1 and x_0*x_1^-1   then invert them to get 4 possibilities,  then also compute x_2*x_3 and x_2*x_3^-1 and invert to get 4 possibilities there, then compute the cartesian product of the two sets.
21:16 < gmaxwell> ignoring the inversion costs thats 20 multiplies, while a dumb construction would do 64.
21:16 < gmaxwell> but what I describe loses because it seralizes the inversions.
21:26 < gmaxwell> well, in any case I guess you can do the recursive cartesian product to get a sqrt() reduction in the number of multiplies.  e.g. batch invert everything to get 4 multiplies for every combination of 0,1 and four to get every combination of 2,3  then 16 for the cartesian product, and thats 24 multiplies, which is less than the 4+8+16 of a somewhat dumb algo.
21:35 -!- luke-jr [~luke-jr@unaffiliated/luke-jr] has quit [Read error: Connection reset by peer]     
21:37 -!- luke-jr [~luke-jr@unaffiliated/luke-jr] has joined #secp256k1     
22:09 -!- jtimon [~quassel@164.31.134.37.dynamic.jazztel.es] has quit [Ping timeout: 250 seconds]