Struct zerocaf::edwards::ProjectivePoint

pub struct ProjectivePoint {
    pub X: FieldElement,
    pub Y: FieldElement,
    pub Z: FieldElement,
}

A ProjectivePoint represents a point on the Sonny Curve expressed over the Twisted Edwards Projective Coordinates eg. (X:Y:Z).

For Z1≠0 the point (X1:Y1:Z1) represents the affine point (x1= X1/Z1, y1= Y1/Z1) on EE,a,d. Projective coordinates represent x y as (X, Y, Z) satisfying the following equations:

x=X/Z

y=Y/Z

Expressing an elliptic curve in twisted Edwards form saves time in arithmetic, even when the same curve can be expressed in the Edwards form.

Fields

X: FieldElement

Y: FieldElement

Z: FieldElement

Methods

impl ProjectivePoint

pub fn new_from_y_coord(
    y: &FieldElement,
    sign: Choice
) -> Option<ProjectivePoint>

This function tries to build a Point over the Sonny Curve from a Y coordinate and a Choice that determines the sign of the X coordinate that the user wants to use.

The function gets X by solving: +-X = mod_sqrt((y^2 -1)/(dy^2 - a)).

The sign of x is choosen with a Choice parameter.

For Choice(0) -> Negative result. For Choice(1) -> Positive result.

Then Z is always equal to 1.

Returns

Some(ProjectivePoint) if there exists a result for the mod_sqrt and None if the resulting x^2 isn't a QR modulo FIELD_L.

pub fn new_random_point<T: Rng + CryptoRng>(rand: &mut T) -> ProjectivePoint

This function tries to build a Point over the Sonny Curve from a random Y coordinate and a random Choice that determines the sign of the X coordinate.

Trait Implementations

impl<'a, 'b> Add<&'b ProjectivePoint> for &'a ProjectivePoint

type Output = ProjectivePoint

The resulting type after applying the + operator.

fn add(self, other: &'b ProjectivePoint) -> ProjectivePoint

Add two ProjectivePoints and give the resulting ProjectivePoint. This implementation is specific for curves with a = -1 as Sonny is.

Bernstein D.J., Birkner P., Joye M., Lange T., Peters C. (2008) Twisted Edwards Curves. In: Vaudenay S. (eds) Progress in Cryptology – AFRICACRYPT 2008. AFRICACRYPT 2008. Lecture Notes in Computer Science, vol 5023. Springer, Berlin, Heidelberg. See: https://eprint.iacr.org/2008/013.pdf - Section 6.

impl Add<ProjectivePoint> for ProjectivePoint

type Output = ProjectivePoint

The resulting type after applying the + operator.

fn add(self, other: ProjectivePoint) -> ProjectivePoint

Add two ProjectivePoints and give the resulting ProjectivePoint. This implementation is specific for curves with a = -1 as Sonny is.

Bernstein D.J., Birkner P., Joye M., Lange T., Peters C. (2008) Twisted Edwards Curves. In: Vaudenay S. (eds) Progress in Cryptology – AFRICACRYPT 2008. AFRICACRYPT 2008. Lecture Notes in Computer Science, vol 5023. Springer, Berlin, Heidelberg. See: https://eprint.iacr.org/2008/013.pdf - Section 6.

impl Clone for ProjectivePoint

fn clone(&self) -> ProjectivePoint

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl ConstantTimeEq for ProjectivePoint

fn ct_eq(&self, other: &ProjectivePoint) -> Choice

Determine if two items are equal.

impl Copy for ProjectivePoint

impl Debug for ProjectivePoint

fn fmt(&self, f: &mut Formatter) -> Result

Formats the value using the given formatter.

impl Default for ProjectivePoint

fn default() -> ProjectivePoint

Returns the default ProjectivePoint Extended Coordinates: (0, 1, 1).

impl<'a> Double for &'a ProjectivePoint

type Output = ProjectivePoint

fn double(self) -> ProjectivePoint

Double the given point following: This implementation is specific for curves with a = -1 as Sonny is.

/// Bernstein D.J., Birkner P., Joye M., Lange T., Peters C. (2008) Twisted Edwards Curves. In: Vaudenay S. (eds) Progress in Cryptology – AFRICACRYPT 2008. AFRICACRYPT 2008. Lecture Notes in Computer Science, vol 5023. Springer, Berlin, Heidelberg. See: https://eprint.iacr.org/2008/013.pdf - Section 6.

Cost: 3M+ 4S+ +7a + 1D.

impl Eq for ProjectivePoint

impl From<AffinePoint> for ProjectivePoint

fn from(point: AffinePoint) -> ProjectivePoint

The key idea of projective coordinates is that instead of performing every division immediately, we defer the divisions by multiplying them into a denominator.

In affine form, each elliptic curve point has 2 coordinates, like (x,y). In the new projective form, each point will have 3 coordinates, like (X,Y,Z), with the restriction that Z is never zero.

The forward mapping is given by (x,y)→(xz,yz,z), for any non-zero z (usually chosen to be 1 for convenience).

impl From<EdwardsPoint> for ProjectivePoint

fn from(point: EdwardsPoint) -> ProjectivePoint

Given (X:Y:T:Z) in εε, passing to ε is cost-free by simply ignoring T.

Twisted Edwards Curves Revisited - Huseyin Hisil, Kenneth Koon-Ho Wong, Gary Carter, and Ed Dawson, Section 3.

impl From<ProjectivePoint> for EdwardsPoint

fn from(point: ProjectivePoint) -> EdwardsPoint

Given (X:Y:Z) in ε passing to εε can beperformed in 3M+ 1S by computing (XZ, YZ, X*Y, Z^2).

Twisted Edwards Curves Revisited - Huseyin Hisil, Kenneth Koon-Ho Wong, Gary Carter, and Ed Dawson, Section 3.

impl From<ProjectivePoint> for AffinePoint

fn from(point: ProjectivePoint) -> AffinePoint

Reduce the point from Projective to Affine coordinates computing: (XZinv, YZinv, Z*Zinv).

And once the Z coord = 1 we can simply remove it.

Twisted Edwards Curves Revisited - Huseyin Hisil, Kenneth Koon-Ho Wong, Gary Carter, and Ed Dawson.

impl Identity for ProjectivePoint

fn identity() -> ProjectivePoint

Returns the Edwards Point identity value = (0, 1, 1).

impl<'a, 'b> Mul<&'a Scalar> for &'b ProjectivePoint

type Output = ProjectivePoint

The resulting type after applying the * operator.

fn mul(self, scalar: &'a Scalar) -> ProjectivePoint

Scalar multiplication: compute Scalar * self. This implementation uses the algorithm: add_and_doubling which is the standard one for this operations and also adds less constraints on R1CS.

Hankerson, Darrel; Vanstone, Scott; Menezes, Alfred (2004). Guide to Elliptic Curve Cryptography. Springer Professional Computing. New York: Springer-Verlag.

impl Mul<Scalar> for ProjectivePoint

type Output = ProjectivePoint

The resulting type after applying the * operator.

fn mul(self, scalar: Scalar) -> ProjectivePoint

Scalar multiplication: compute Scalar * self. This implementation uses the algorithm: add_and_doubling which is the standard one for this operations and also adds less constraints on R1CS.

Hankerson, Darrel; Vanstone, Scott; Menezes, Alfred (2004). Guide to Elliptic Curve Cryptography. Springer Professional Computing. New York: Springer-Verlag.

impl<'a> Neg for &'a ProjectivePoint

type Output = ProjectivePoint

The resulting type after applying the - operator.

fn neg(self) -> ProjectivePoint

Negates an ProjectivePoint giving it as a result. Since the negative of a point is (-X:Y:Z:-T), it gives as a result: (-X, Y, Z, -T).

impl Neg for ProjectivePoint

type Output = ProjectivePoint

The resulting type after applying the - operator.

fn neg(self) -> ProjectivePoint

Negates an ProjectivePoint giving it as a result

impl PartialEq<ProjectivePoint> for ProjectivePoint

fn eq(&self, other: &ProjectivePoint) -> bool

This method tests for self and other values to be equal, and is used by ==.

#[must_use] fn ne(&self, other: &Rhs) -> bool

This method tests for !=.

impl<'a, 'b> Sub<&'b ProjectivePoint> for &'a ProjectivePoint

type Output = ProjectivePoint

The resulting type after applying the - operator.

fn sub(self, other: &'b ProjectivePoint) -> ProjectivePoint

Add two ProjectivePoints, negating the second one, This implementation is specific for curves with a = -1 as Sonny is.

Bernstein D.J., Birkner P., Joye M., Lange T., Peters C. (2008) Twisted Edwards Curves. In: Vaudenay S. (eds) Progress in Cryptology – AFRICACRYPT 2008. AFRICACRYPT 2008. Lecture Notes in Computer Science, vol 5023. Springer, Berlin, Heidelberg. See: https://eprint.iacr.org/2008/013.pdf - Section 6.

impl Sub<ProjectivePoint> for ProjectivePoint

type Output = ProjectivePoint

The resulting type after applying the - operator.

fn sub(self, other: ProjectivePoint) -> ProjectivePoint

Add two ProjectivePoints, negating the second one, This implementation is specific for curves with a = -1 as Sonny is.

Bernstein D.J., Birkner P., Joye M., Lange T., Peters C. (2008) Twisted Edwards Curves. In: Vaudenay S. (eds) Progress in Cryptology – AFRICACRYPT 2008. AFRICACRYPT 2008. Lecture Notes in Computer Science, vol 5023. Springer, Berlin, Heidelberg. See: https://eprint.iacr.org/2008/013.pdf - Section 6.

impl ValidityCheck for ProjectivePoint

fn is_valid(&self) -> Choice

Verifies if the curve equation (in projective twisted edwards coordinates) holds given the (X, Y, Z) coordinates of a point in Projective Coordinates.