mod m. func (x *Nat) montgomeryReduction(m *Modulus) *Nat { // By Montgomery multiplying with 1 not in Montgomery representation, we // convert out back from Montgomery representation, because it works out to // dividing by R. one := NewNat().ExpandFor(m) one.limbs[0] = 1 return x.montgomeryMul(x, one, m) } // montgomeryMul calculates x = a * b / R mod m, with R = 2^(_W * n) and // n = len(m.nat.limbs), also known as a Montgomery multiplication. // // All inputs should be the same length and already...