mphell/doc-v4/mphell-weierstrass_8h_source.html

 /*
   MPHELL-4.0
   Author(s): The MPHELL team

  (C) Copyright 2015-2018 - Institut Fourier / Univ. Grenoble Alpes (France)

  This file is part of the MPHELL Library.
  MPHELL is free software: you can redistribute it and/or modify
  it under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation, version 3 of the License.

  MPHELL is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with MPHELL.  If not, see <http://www.gnu.org/licenses/>.
 */

 #ifndef MPHELL_WEIERSTRASS_H
 #define MPHELL_WEIERSTRASS_H

 /* E: y^2 = x^3 + ax + b */
 /* Projective coordinates represent an affine point (x,y) on a Weierstrass-form elliptic curve y^2 = x^3 + ax + b as (X:Y:Z) satisfying Y^2 Z = X^3 + aXZ^2 + bZ^3. Here (X:Y:Z) = (sX:sY:sZ) for all nonzero s. */
 /* The triple (X, Y, Z) represents the affine point (X / Z, Y / Z) */

 /* Jacobian coordinates represent an affine point (x,y) on a Weierstrass-form elliptic curve y^2 = x^3 + ax + b as (X:Y:Z) satisfying Y^2 = X^3 + aXZ^4 + bZ^6. Here (X:Y:Z) = (s^2 X:s^3 Y:sZ) for all nonzero s.*/
 /* The triple (X, Y, Z) represents the affine point (X / Z^2, Y / Z^3). */


 /************************************SETTERS**********************************/

 void
 weierstrass_compute_disc(ec_curve E, uint8_t stack);

 bool
 weierstrass_verify_random_generation(ec_curve E, const char * seed, uint8_t stack);

 void
 weierstrass_curve_random_generation(fe_ptr a, fe_ptr b, char * seed_res, field_srcptr k, uint8_t stack);

 void
 weierstrass_point_set_neutral (ec_point_ptr dst, ec_curve_srcptr E, uint8_t stack);

 void
 weierstrass_point_set_aff (ec_point_ptr P, fe_srcptr x, fe_srcptr y, field_srcptr k);

 void
 weierstrass_point_set_aff_str (ec_point_ptr P, const char *str_x, const char *str_y,
         const bool is_reduced, const uint8_t base, field_srcptr k, uint8_t stack);

 bool
 weierstrass_belongs (ec_point_srcptr P, ec_curve_srcptr E, uint8_t stack);

 void
 weierstrass_point_random (ec_point_ptr P, ec_curve_srcptr E, uint8_t stack);

 void
 weierstrass_point_norm (ec_point_ptr P, ec_curve_srcptr E, uint8_t stack);

 void
 weierstrass_point_get_x_affine (field_elt x, ec_point_ptr P, ec_curve_srcptr E, uint8_t stack);

 void
 weierstrass_point_get_y_affine (field_elt y, ec_point_ptr P, ec_curve_srcptr E, uint8_t stack);


 /*******************************COMPARISON************************************/

 bool
 weierstrass_point_is_neutral (ec_point_srcptr P, ec_curve_srcptr E, uint8_t stack);

 bool
 weierstrass_point_are_equal (ec_point_srcptr P1, ec_point_srcptr P2,
         ec_curve_srcptr E, uint8_t stack);


 /*******************************OPERATIONS************************************/

 void
 weierstrass_point_neg (ec_point_ptr P3, ec_point_srcptr P1, ec_curve_srcptr E);

 /* UNIFIED => Resistant to SPA */

 void
 weierstrass_point_add_ZADDU (ec_point_ptr P3, ec_point_ptr P1, ec_point_srcptr P2,
         ec_curve_srcptr E, uint8_t stack);

 void
 weierstrass_point_add_ZADDC (ec_point_ptr P3, ec_point_ptr P4, ec_point_srcptr P1,
         ec_point_srcptr P2, ec_curve_srcptr E, uint8_t stack);

 void
 weierstrass_point_add_ZDAU (ec_point_ptr P3, ec_point_srcptr P1, ec_point_ptr P2,
         ec_curve_srcptr E, uint8_t stack);

 void
 weierstrass_point_DBLU (ec_point_ptr P3, ec_point_ptr P4, ec_point_srcptr P1,
         ec_curve_srcptr E, uint8_t stack);

 void
 weierstrass_point_TPLU (ec_point_ptr P3, ec_point_ptr P4, ec_point_srcptr P1,
         ec_curve_srcptr E, uint8_t stack);

 void
 weierstrass_Zmontgomery_Kim(ec_point_ptr P3, number_srcptr n, ec_point_srcptr P1,
         ec_curve_srcptr E, uint8_t stack);

 void
 weierstrass_Zmontgomery_ladder(ec_point_ptr P3, number_srcptr n, ec_point_srcptr P1,
         ec_curve_srcptr E, uint8_t stack);

 void
 weierstrass_Zjoye_mul(ec_point_ptr P3, number_srcptr n, ec_point_srcptr P1,
         ec_curve_srcptr E, uint8_t stack);

 void
 weierstrass_point_add_unified (ec_point_ptr P3, ec_point_srcptr P1, ec_point_srcptr P2,
         ec_curve_srcptr E, uint8_t stack);

 /* DEDICATED => Not resistant to SPA */

 void
 weierstrass_point_add_dedicated (ec_point_ptr P3, ec_point_srcptr P1, ec_point_srcptr P2,
         ec_curve_srcptr E, uint8_t stack);

 void
 weierstrass_point_dbl_dedicated (ec_point_ptr P3, ec_point_srcptr P1, ec_curve_srcptr E, uint8_t stack);


 /* Miscellaneaous */

 void
 weierstrass_point_of_order_2 (ec_point_ptr dst, ec_curve_srcptr E, uint8_t stack);

 void
 weierstrass_points_of_order_2 (ec_point_ptr dst1, ec_point_ptr dst2, ec_point_ptr dst3, ec_curve_srcptr E, uint8_t stack);

 #endif


field_elt
fp_elt * field_elt
Generic field element.
Definition: mphell-field.h:39

weierstrass_verify_random_generation
bool weierstrass_verify_random_generation(ec_curve E, const char *seed, uint8_t stack)
Test if E if generated from the seed "seed".
Definition: mphell-weierstrass.c:100

weierstrass_curve_random_generation
void weierstrass_curve_random_generation(fe_ptr a, fe_ptr b, char *seed_res, field_srcptr k, uint8_t stack)
Generate a 160 bits seed and coefficients a and b defining a Weiestrass elliptic curve....
Definition: mphell-weierstrass.c:227

weierstrass_point_DBLU
void weierstrass_point_DBLU(ec_point_ptr P3, ec_point_ptr P4, ec_point_srcptr P1, ec_curve_srcptr E, uint8_t stack)
Co-Z point doubling with update: Set P3 to 2*P1 and P4 such that P1 = P4 and Z4 = Z3 and assume that ...
Definition: mphell-weierstrass.c:940

field_t
Define a field.
Definition: mphell-field.h:90

ec_point
Define an elliptic curve point.
Definition: mphell-curve.h:103

weierstrass_point_norm
void weierstrass_point_norm(ec_point_ptr P, ec_curve_srcptr E, uint8_t stack)
Set P in affine coordinates.
Definition: mphell-weierstrass.c:537

weierstrass_point_is_neutral
bool weierstrass_point_is_neutral(ec_point_srcptr P, ec_curve_srcptr E, uint8_t stack)
Test if P is the neutral element.
Definition: mphell-weierstrass.c:633

weierstrass_point_set_neutral
void weierstrass_point_set_neutral(ec_point_ptr dst, ec_curve_srcptr E, uint8_t stack)
Set dst to the neutral element: (0,1,0) for projective coordinates and (1,1,0) for jacobian coordinat...
Definition: mphell-weierstrass.c:397

weierstrass_point_get_y_affine
void weierstrass_point_get_y_affine(field_elt y, ec_point_ptr P, ec_curve_srcptr E, uint8_t stack)
Convert P->y to its affine representation.
Definition: mphell-weierstrass.c:604

weierstrass_point_add_ZDAU
void weierstrass_point_add_ZDAU(ec_point_ptr P3, ec_point_srcptr P1, ec_point_ptr P2, ec_curve_srcptr E, uint8_t stack)
Co-Z point doubling-addition with update: Set P3 to 2*P1 + P2 and update P2 such that Z2 = Z3.
Definition: mphell-weierstrass.c:866

weierstrass_point_are_equal
bool weierstrass_point_are_equal(ec_point_srcptr P1, ec_point_srcptr P2, ec_curve_srcptr E, uint8_t stack)
Test if P1 and P2 are equal on E (BUT do not test if they belong to the curve)
Definition: mphell-weierstrass.c:677

weierstrass_compute_disc
void weierstrass_compute_disc(ec_curve E, uint8_t stack)
Set the discriminant of E: disc = -16(4a^3 + 27b^2)
Definition: mphell-weierstrass.c:70

weierstrass_point_get_x_affine
void weierstrass_point_get_x_affine(field_elt x, ec_point_ptr P, ec_curve_srcptr E, uint8_t stack)
Convert P->x to its affine representation.
Definition: mphell-weierstrass.c:578

weierstrass_Zjoye_mul
void weierstrass_Zjoye_mul(ec_point_ptr P3, number_srcptr n, ec_point_srcptr P1, ec_curve_srcptr E, uint8_t stack)
Set P3 to n * P1 using Joye’s double-add algorithm with Co-Z addition formula.The formulae are not co...
Definition: mphell-weierstrass.c:1843

weierstrass_point_add_unified
void weierstrass_point_add_unified(ec_point_ptr P3, ec_point_srcptr P1, ec_point_srcptr P2, ec_curve_srcptr E, uint8_t stack)
Set P3 to P1 + P2, using unified formulae (protection against SPA)
Definition: mphell-weierstrass.c:1951

weierstrass_point_set_aff
void weierstrass_point_set_aff(ec_point_ptr P, fe_srcptr x, fe_srcptr y, field_srcptr k)
Set dest to the affine point (x, y)
Definition: mphell-weierstrass.c:423

fe_srcptr
const fp_elt * fe_srcptr
Pointer on a field element, the field element cannot be modified through this pointer.
Definition: mphell-field.h:51

weierstrass_point_dbl_dedicated
void weierstrass_point_dbl_dedicated(ec_point_ptr P3, ec_point_srcptr P1, ec_curve_srcptr E, uint8_t stack)
Set P3 to 2 * P1, using dedicated formulae (not protected against SPA, but faster)
Definition: mphell-weierstrass.c:1981

fe_ptr
fp_elt * fe_ptr
Pointer on a field element.
Definition: mphell-field.h:45

weierstrass_point_of_order_2
void weierstrass_point_of_order_2(ec_point_ptr dst, ec_curve_srcptr E, uint8_t stack)
Set dst to one of the point of order 2 of the curve E assuming that at least one exist.
Definition: mphell-weierstrass.c:2019

weierstrass_point_add_dedicated
void weierstrass_point_add_dedicated(ec_point_ptr P3, ec_point_srcptr P1, ec_point_srcptr P2, ec_curve_srcptr E, uint8_t stack)
Set P3 to P1 + P2, using dedicated formulae (not protected against SPA, but faster)
Definition: mphell-weierstrass.c:1921

weierstrass_point_TPLU
void weierstrass_point_TPLU(ec_point_ptr P3, ec_point_ptr P4, ec_point_srcptr P1, ec_curve_srcptr E, uint8_t stack)
Co-Z point tripling with update: Set P3 to 3*P1 and P4 such that P4 = P1 and Z4 = Z3.
Definition: mphell-weierstrass.c:1001

weierstrass_point_add_ZADDU
void weierstrass_point_add_ZADDU(ec_point_ptr P3, ec_point_ptr P1, ec_point_srcptr P2, ec_curve_srcptr E, uint8_t stack)
Co-Z point addition with update: Set P3 = (X3,Y3,Z3) to P1 + P2 using Co-Z addition and update P1 suc...
Definition: mphell-weierstrass.c:775

ec_curve
Define an elliptic curve.
Definition: mphell-curve.h:139

weierstrass_point_random
void weierstrass_point_random(ec_point_ptr P, ec_curve_srcptr E, uint8_t stack)
Set P to a random point on E.
Definition: mphell-weierstrass.c:511

weierstrass_point_set_aff_str
void weierstrass_point_set_aff_str(ec_point_ptr P, const char *str_x, const char *str_y, const bool is_reduced, const uint8_t base, field_srcptr k, uint8_t stack)
Set dest to the affine point (str_x,str_y)
Definition: mphell-weierstrass.c:432

weierstrass_point_add_ZADDC
void weierstrass_point_add_ZADDC(ec_point_ptr P3, ec_point_ptr P4, ec_point_srcptr P1, ec_point_srcptr P2, ec_curve_srcptr E, uint8_t stack)
Conjugate Co-Z point addition: Set P3 to P1 + P2 and P4 to P1 - P2 such that Z3=Z4.
Definition: mphell-weierstrass.c:815

weierstrass_point_neg
void weierstrass_point_neg(ec_point_ptr P3, ec_point_srcptr P1, ec_curve_srcptr E)
Set P3 to -P1.
Definition: mphell-weierstrass.c:2007

weierstrass_points_of_order_2
void weierstrass_points_of_order_2(ec_point_ptr dst1, ec_point_ptr dst2, ec_point_ptr dst3, ec_curve_srcptr E, uint8_t stack)
Set dst1, dst2, dst3 to the points of order 2 of the curve E assuming they are different otherwise th...
Definition: mphell-weierstrass.c:2166

weierstrass_Zmontgomery_Kim
void weierstrass_Zmontgomery_Kim(ec_point_ptr P3, number_srcptr n, ec_point_srcptr P1, ec_curve_srcptr E, uint8_t stack)
Perform the Montgomery ladder, taken from Kim et al's 2017 work, compute P3=[n]P1 it has the drawback...
Definition: mphell-weierstrass.c:1757

weierstrass_belongs
bool weierstrass_belongs(ec_point_srcptr P, ec_curve_srcptr E, uint8_t stack)
Test if P belongs to E.
Definition: mphell-weierstrass.c:442

weierstrass_Zmontgomery_ladder
void weierstrass_Zmontgomery_ladder(ec_point_ptr P3, number_srcptr n, ec_point_srcptr P1, ec_curve_srcptr E, uint8_t stack)
Set P3 to n * P1 using Montgomery ladder with Co-Z addition formula.
Definition: mphell-weierstrass.c:1496