Commit Graph

14 Commits

Author SHA1 Message Date
Filippo Valsorda 620415daa4 internal/radix51: make reduction an invariant and unexport Reduce
Now every operation returns a light-reduced value, so the reduction is
an invariant, and there's no need to ever explicitly call Reduce.

Safety!
2019-03-30 22:12:39 -04:00
George Tankersley 968377f9c5 ed25519: fix ScalarMult and improve test to catch the bug (#1) 2019-01-28 10:53:34 -05:00
Filippo Valsorda 2925e841f7 internal: make all APIs chainable 2019-01-28 10:53:34 -05:00
Filippo Valsorda 6c2fda803c internal/radix51: make all APIs not consider the receiver an input 2019-01-28 10:53:34 -05:00
Filippo Valsorda 930ef44224 all: refactor field API to be methods based 2019-01-28 10:53:34 -05:00
George Tankersley 0a030f62c0 make things more generally presentable 2017-07-25 16:24:16 -07:00
George Tankersley 08a76875a4 Cache the field representation of d 2017-07-25 16:23:20 -07:00
George Tankersley ce27eaf07c Explain Z1=1 again 2017-07-25 16:23:19 -07:00
George Tankersley c9f6a1c183 use faster FeFromBig & a horrible assortment of other random changes 2017-07-25 16:23:19 -07:00
George Tankersley 4d11c7b5a6 group logic WIP 2017-07-25 16:23:19 -07:00
George Tankersley 54cdb2aef0 Add documentation 2017-07-25 16:23:19 -07:00
George Tankersley 259e08bc29 Use mdbl-2008-bbjlp directly
Since we are always converting from affine, we know that Z1=1. This
formula is slightly faster and avoids converting through
CompletedGroupElement unnecessarily.

Assumptions: Z1=1.

Cost: 2M + 4S + 1*a + 7add + 1*2.

Source: 2008 Bernstein-Birkner-Joye-Lange-Peters,
        https://eprint.iacr.org/2008/013,
        plus Z1=1, plus standard simplification.

Explicit formulas:
      B = (X1+Y1)^2
      C = X1^2
      D = Y1^2
      E = a*C
      F = E+D
      X3 = (B-C-D)*(F-2)
      Y3 = F*(E-D)
      Z3 = F^2-2*F

https://hyperelliptic.org/EFD/g1p/auto-twisted-projective.html#doubling-mdbl-2008-bbjlp
2017-07-25 16:23:19 -07:00
George Tankersley 26b25b0ac0 Add LICENSE 2017-07-25 16:23:19 -07:00
George Tankersley 19d7f4d83d Implement an elliptic.Curve for ed25519 2017-07-25 16:23:19 -07:00