Commit Graph

148 Commits

Author SHA1 Message Date
Filippo Valsorda 6bb3979858 ristretto255: replace backend with filippo.io/edwards25519 2021-09-30 06:15:14 -04:00
Filippo Valsorda ee040a3529 ristretto255: align the API with filippo.io/edwards25519
Fixes #36
Fixes #40
2021-09-30 06:10:56 -04:00
George Tankersley 6cc147bf72 ristretto255: add Set() to Scalar and Element types (#37)
ristretto255: add Set() to Scalar and Element types

Co-authored-by: Filippo Valsorda <hi@filippo.io>
2021-02-09 09:43:38 -08:00
Filippo Valsorda afa2eb7708 ristretto255: add a test from the new version of the I-D 2020-08-08 17:46:48 -04:00
Filippo Valsorda 502122d125 all: ensure compatibility with older Go versions 2019-12-05 11:12:26 -05:00
Filippo Valsorda a679c261e4 internal/radix51: implement (*FieldElement).Mul32
This pure Go implementation of Mul32 is more than twice as fast as the
assembly Mul implementation, and four times faster than the pure Go Mul.

Mul32          7.91ns ± 1%
Mul            18.6ns ± 1%
Mul [purego]   33.4ns ± 0%

Before Go 1.13, where we can't use math/bits because the fallbacks might
not be constant time, Mul32 is a little slower, but not nearly as much
as the pure Go Mul.

Mul32          9.74ns ± 0%
Mul [purego]   75.4ns ± 1%
2019-12-05 11:12:26 -05:00
Filippo Valsorda 6db84dcfdc internal/radix51: restructure according to golang.org/wiki/TargetSpecific 2019-12-05 11:12:26 -05:00
Sunny Aggarwal f33454717c internal/radix51: fix !amd64 build (lightReduce -> carryPropagate) (#29) 2019-11-25 22:11:09 -05:00
Sarah Jamie Lewis af147e8e15 Add Stringer & TextMarshaler interface 2019-10-11 12:43:22 -04:00
Filippo Valsorda 9e5f56cbf4 README.md: new file 2019-05-17 00:35:22 -04:00
Filippo Valsorda 651bf997e0 LICENSE: add Henry de Valence 2019-05-17 00:35:22 -04:00
Filippo Valsorda 21e4845510 internal/scalar: fix FromUniformBytes 2019-05-16 15:08:48 -04:00
Filippo Valsorda 760f82e79e ristretto255: add Scalar.Invert 2019-05-16 15:08:48 -04:00
Filippo Valsorda bd32259391 ristretto255: spell out Subtract, Negate and Multiply
The abbreviations don't really feel worth it, and it makes it more
natural to abbreviate ScalarMult with a "t".
2019-05-16 15:08:48 -04:00
Filippo Valsorda 2f2f1c0111 ristretto255: add NewElement and NewScalar 2019-05-16 15:08:48 -04:00
Filippo Valsorda 013999a2d0 internal/scalar: address review comments 2019-05-16 15:08:48 -04:00
Filippo Valsorda 644c28a2d3 all: apply suggestions from code review
Co-Authored-By: Henry de Valence <hdevalence@hdevalence.ca>
2019-05-16 15:08:48 -04:00
Filippo Valsorda 2b6c50d1bd ristretto255: minor cleanups 2019-05-16 15:08:48 -04:00
Filippo Valsorda 0e06c64ad7 ristretto255: expose scalar multiplication APIs
The names of the ScalarMults were picked to match elliptic.Curve.

The Scalar type is re-exposed as an opaque type, with an API that
matches the Element one.
2019-05-16 15:08:48 -04:00
Filippo Valsorda 97912109c3 internal/edwards25519: fix shadowing of B in TestAddSubNegOnBasePoint 2019-05-16 15:08:48 -04:00
Filippo Valsorda 116bee5e3d internal/scalar: replace FromBytes/IsCanonical with FromUniformBytes/FromCanonicalBytes 2019-05-16 15:08:48 -04:00
Filippo Valsorda 4baac9a766 internal/edwards25519,internal/scalar: apply some Go style touches
Including unexporting the table types (which are not used in any API) to
declutter the godoc page.
2019-05-16 15:08:48 -04:00
Henry de Valence 24394cb387 internal/scalar: add scalar inversion 2019-05-15 14:33:43 -04:00
Henry de Valence 2d09ffd636 internal/ed25519: rearrange VartimeDoubleBaseMul args
This way they line up with a*A + b*B (except B is implicit).
2019-05-12 02:20:59 -04:00
Henry de Valence 1e66180e96 internal/ed25519: add benchmarks for scalar mul 2019-05-12 02:20:59 -04:00
Henry de Valence 8186dbd6e1 internal/ed25519: add variable-time multiscalar mul 2019-05-12 02:20:59 -04:00
Henry de Valence 4ba8cc9326 internal/ed25519: add vartime double-base scmul 2019-05-12 02:20:59 -04:00
Henry de Valence 7b8b390b63 internal/ed25519: add precomputed NAF table for basepoint 2019-05-12 02:20:59 -04:00
Henry de Valence 0da0c530f4 internal/ed25519: lower quickcheck size for point ops 2019-05-12 02:20:59 -04:00
Henry de Valence f0e9a21a6d internal/ed25519: implement MultiscalarMul 2019-05-12 02:20:59 -04:00
Henry de Valence 23073b0135 internal/ed25519: implement BasepointMul 2019-05-12 02:20:59 -04:00
Henry de Valence e69072e96b internal/ed25519: extract common test variables 2019-05-12 02:20:59 -04:00
Henry de Valence b9eebc0ea7 internal/ed25519: add a basepoint multiple table.
The table is hardcoded, and regenerated in the test code.
2019-05-12 02:20:59 -04:00
Henry de Valence 95e035b5e5 internal/ed25519: add constant-time variable-base scmul.
This also adds stub functions for the other scalar mul functionality.
2019-05-12 02:20:59 -04:00
Henry de Valence af6c23d070 internal/ed25519: move basepoint constant & correct it
The new values are extracted from the dalek test vectors.
2019-05-12 02:20:59 -04:00
Henry de Valence 4642a7ca28 internal/scalar: fix high bit check
This should check that s[31] > 127 to determine whether the high bit is set
(instead of s[31] >= 127)
2019-05-12 02:20:59 -04:00
Henry de Valence de058a3840 internal/scalar: make casts clearer 2019-05-12 02:20:59 -04:00
Henry de Valence 70675843d7 internal/scalar: add invariant checks on Scalar digits
The digit recoding functions require that the scalar has its high bit unset.
We should consider making the Scalar type opaque, as in dalek, to avoid this
condition, although I don't know if we can make guarantees in Go.
2019-05-12 02:20:59 -04:00
Henry de Valence 8059980336 internal/scalar: use one scMulAdd for Sub 2019-05-12 02:20:59 -04:00
Henry de Valence 9bf3c72dab internal/scalar: fix constant-time signed radix 16 implementation 2019-05-12 02:20:59 -04:00
Filippo Valsorda 4ea68891fd Update internal/radix51/fe_test.go
Co-Authored-By: hdevalence <hdevalence@hdevalence.ca>
2019-05-08 14:54:33 -07:00
Filippo Valsorda 4c8c35e919 Update internal/radix51/fe_test.go
Co-Authored-By: hdevalence <hdevalence@hdevalence.ca>
2019-05-08 14:54:33 -07:00
Filippo Valsorda 4765eee22a Update internal/radix51/fe_test.go
Co-Authored-By: hdevalence <hdevalence@hdevalence.ca>
2019-05-08 14:54:33 -07:00
Henry de Valence ce204aaa9d internal/ed25519: add TODO note and doc ref 2019-05-08 14:54:33 -07:00
Henry de Valence 9353104792 internal/ed25519: rename twoD to D2 2019-05-08 14:54:33 -07:00
Henry de Valence 26af03f7b3 internal/ed25519: add lookup tables for scalar mul. 2019-05-08 14:54:33 -07:00
Henry de Valence 2312dea95d internal/radix51: add a conditional swap 2019-05-08 14:54:33 -07:00
Henry de Valence 0b5e1eb054 ristretto255: use multi-model arithmetic 2019-05-08 14:54:33 -07:00
Henry de Valence a360a6556f internal/ed25519: remove single-model code 2019-05-08 14:54:33 -07:00
Henry de Valence bdc420be66 internal/ed25519: add addition for Edwards points 2019-05-08 14:54:33 -07:00