[][src]Struct zerocaf::ristretto::RistrettoPoint

pub struct RistrettoPoint(pub EdwardsPoint);

Methods

impl RistrettoPoint[src][]

pub fn compress(&self) -> CompressedRistretto[src][]

Encode a Ristretto point represented by the point (X:Y:Z:T) in extended coordinates.

pub fn elligator_ristretto_flavor(r_0: &FieldElement) -> RistrettoPoint[src][]

Computes the Ristretto Elligator map. This gets a RistrettoPoint from a given `FieldElement´.

pub fn from_uniform_bytes(bytes: &[u8; 64]) -> RistrettoPoint[src][]

Construct a RistrettoPoint from 64 bytes of data.

If the input bytes are uniformly distributed, the resulting point will be uniformly distributed over the group, and its discrete log with respect to other points should be unknown.

Implementation

This function splits the input array into two 32-byte halves, takes the low 255 bits of each half mod p, applies the Ristretto-flavored Elligator map to each, and adds the results.

This function is taken from the Ristretto255 implementation found in curve25519-dalek

pub fn new_random_point<T: Rng + CryptoRng>(rand: &mut T) -> RistrettoPoint[src][]

Generate a random RistrettoPoint from a 64-byte array generated with user-provided rng.

The provided rng has to implement: Rng + CryptoRng.

This function uses the elligator hash map twice, once for [0..31] & another for [32..64] giving a uniformly distributed random value.

This implementation follows the idea pointed on the random point generation used in curve25519-dalek.

Trait Implementations

impl<'a, 'b> Add<&'a RistrettoPoint> for &'b RistrettoPoint[src][+]

type Output = RistrettoPoint

The resulting type after applying the + operator.

fn add(self, other: &'a RistrettoPoint) -> RistrettoPoint[src][]

Performs the addition of two RistrettoPoints following the Twisted Edwards Extended Coordinates formulae.

This implementation is specific for curves with a = -1 as the isomorphic twist is for Doppio.

[Source: 2008 Hisil–Wong–Carter–Dawson], (http://eprint.iacr.org/2008/522), Section 3.1.

impl Add<RistrettoPoint> for RistrettoPoint[src][+]

type Output = RistrettoPoint

The resulting type after applying the + operator.

fn add(self, other: RistrettoPoint) -> RistrettoPoint[src][]

Performs the addition of two RistrettoPoints following the Twisted Edwards Extended Coordinates formulae.

This implementation is specific for curves with a = -1 as the isomorphic twist is for Doppio.

[Source: 2008 Hisil–Wong–Carter–Dawson], (http://eprint.iacr.org/2008/522), Section 3.1.

impl Clone for RistrettoPoint[src][+]

impl ConstantTimeEq for RistrettoPoint[src][+]

fn ct_eq(&self, other: &RistrettoPoint) -> Choice[src][]

As specified on the Ristretto protocol docs: https://ristretto.group/formulas/equality.html and we are on the twisted case, we compare X1*Y2 == Y1*X2 | X1*X2 == Y1*Y2.

impl Copy for RistrettoPoint[src]

impl Debug for RistrettoPoint[src][+]

impl Default for RistrettoPoint[src][+]

fn default() -> RistrettoPoint[src][]

Gives back the Identity point for the Extended Edwards Coordinates which is endoded as a RistrettoPoint with coordinates: (X, Y, Z, T) = (0, 1, 1, 0).

impl<'a> Double for &'a RistrettoPoint[src][+]

type Output = RistrettoPoint

fn double(self) -> RistrettoPoint[src][]

Performs the point doubling operation ie. 2*P over the Twisted Edwards Extended Coordinates.

This implementation is specific for curves with a = -1 as the isomorphic twist is. Source: 2008 Hisil–Wong–Carter–Dawson, http://eprint.iacr.org/2008/522, Section 3.1. Cost: 4M+ 4S+ 1D

impl Eq for RistrettoPoint[src]

impl Identity for RistrettoPoint[src][+]

fn identity() -> RistrettoPoint[src][]

Gives back the Identity point for the Extended Edwards Coordinates which is endoded as a RistrettoPoint with coordinates: (X, Y, Z, T) = (0, 1, 1, 0).

impl<'a, 'b> Mul<&'b RistrettoPoint> for &'a Scalar[src][+]

type Output = RistrettoPoint

The resulting type after applying the * operator.

fn mul(self, point: &'b RistrettoPoint) -> RistrettoPoint[src][]

Scalar multiplication: compute self * Scalar. This implementation uses the algorithm: add_and_doubling which is the standard one for this operations and also adds less constraints on R1CS.

Hankerson, Darrel; Vanstone, Scott; Menezes, Alfred (2004). Guide to Elliptic Curve Cryptography. Springer Professional Computing. New York: Springer-Verlag.

impl<'a, 'b> Mul<&'b Scalar> for &'a RistrettoPoint[src][+]

type Output = RistrettoPoint

The resulting type after applying the * operator.

fn mul(self, scalar: &'b Scalar) -> RistrettoPoint[src][]

Scalar multiplication: compute self * Scalar. This implementation uses the algorithm: add_and_doubling which is the standard one for this operations and also adds less constraints on R1CS.

Hankerson, Darrel; Vanstone, Scott; Menezes, Alfred (2004). Guide to Elliptic Curve Cryptography. Springer Professional Computing. New York: Springer-Verlag.

impl Mul<RistrettoPoint> for Scalar[src][+]

type Output = RistrettoPoint

The resulting type after applying the * operator.

fn mul(self, point: RistrettoPoint) -> RistrettoPoint[src][]

Scalar multiplication: compute self * Scalar. This implementation uses the algorithm: add_and_doubling which is the standard one for this operations and also adds less constraints on R1CS.

Hankerson, Darrel; Vanstone, Scott; Menezes, Alfred (2004). Guide to Elliptic Curve Cryptography. Springer Professional Computing. New York: Springer-Verlag.

impl Mul<Scalar> for RistrettoPoint[src][+]

type Output = RistrettoPoint

The resulting type after applying the * operator.

fn mul(self, scalar: Scalar) -> RistrettoPoint[src][]

Scalar multiplication: compute self * Scalar. This implementation uses the algorithm: add_and_doubling which is the standard one for this operations and also adds less constraints on R1CS.

Hankerson, Darrel; Vanstone, Scott; Menezes, Alfred (2004). Guide to Elliptic Curve Cryptography. Springer Professional Computing. New York: Springer-Verlag.

impl<'a> Neg for &'a RistrettoPoint[src][+]

type Output = RistrettoPoint

The resulting type after applying the - operator.

fn neg(self) -> RistrettoPoint[src][]

Negates a RistrettoPoint giving it's negated representation as a result.

Since the negative of a point is (-X:Y:Z:-T), it gives as a result: (-X:Y:Z:-T).

impl Neg for RistrettoPoint[src][+]

type Output = RistrettoPoint

The resulting type after applying the - operator.

fn neg(self) -> RistrettoPoint[src][]

Negates a RistrettoPoint giving it's negated representation as a result.

Since the negative of a point is (-X:Y:Z:-T), it gives as a result: (-X:Y:Z:-T).

impl PartialEq<RistrettoPoint> for RistrettoPoint[src][+]

impl<'a, 'b> Sub<&'a RistrettoPoint> for &'b RistrettoPoint[src][+]

type Output = RistrettoPoint

The resulting type after applying the - operator.

fn sub(self, other: &'a RistrettoPoint) -> RistrettoPoint[src][]

Performs the subtraction of two RistrettoPoints following the Twisted Edwards Extended Coordinates formulae.

Note that Subtraction is basically the addition of the first point by the second negated.

This implementation is specific for curves with a = -1 as the isomorphic twist is for Doppio.

[Source: 2008 Hisil–Wong–Carter–Dawson], (http://eprint.iacr.org/2008/522), Section 3.1.

impl Sub<RistrettoPoint> for RistrettoPoint[src][+]

type Output = RistrettoPoint

The resulting type after applying the - operator.

fn sub(self, other: RistrettoPoint) -> RistrettoPoint[src][]

Performs the subtraction of two RistrettoPoints following the Twisted Edwards Extended Coordinates formulae.

Note that Subtraction is basically the addition of the first point by the second negated.

This implementation is specific for curves with a = -1 as the isomorphic twist is for Doppio.

[Source: 2008 Hisil–Wong–Carter–Dawson], (http://eprint.iacr.org/2008/522), Section 3.1.

impl ValidityCheck for RistrettoPoint[src][+]

fn is_valid(&self) -> Choice[src][]

A valid RistrettoPoint should have exactly order L (Scalar Field Order) and also verify the curve equation.

This trait is mostly implemented for debugging purposes.

Returns

  • `Choice(1) if the point has order L (not 2L, 4L or 8L) & satisfies the curve equation.
  • `Choice(0) if the point does not satisfy one of the conditions mentioned avobe.

Auto Trait Implementations

impl RefUnwindSafe for RistrettoPoint

impl Send for RistrettoPoint

impl Sync for RistrettoPoint

impl Unpin for RistrettoPoint

impl UnwindSafe for RistrettoPoint

Blanket Implementations

impl<T> Any for T where
    T: 'static + ?Sized[src][+]

impl<T> Borrow<T> for T where
    T: ?Sized[src][+]

impl<T> BorrowMut<T> for T where
    T: ?Sized[src][+]

impl<T> Clear for T where
    T: InitializableFromZeroed + ?Sized[+]

impl<T> From<T> for T[src][+]

impl<T> InitializableFromZeroed for T where
    T: Default[+]

impl<T, U> Into<U> for T where
    U: From<T>, [src][+]

impl<T> Same<T> for T

type Output = T

Should always be Self

impl<T> ToOwned for T where
    T: Clone[src][+]

type Owned = T

The resulting type after obtaining ownership.

impl<T, U> TryFrom<U> for T where
    U: Into<T>, [src][+]

type Error = Infallible

The type returned in the event of a conversion error.

impl<T, U> TryInto<U> for T where
    U: TryFrom<T>, [src][+]

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

impl<V, T> VZip<V> for T where
    V: MultiLane<T>, [+]