constexpr | field (const numeric::uint256_t &input) noexcept |
| |
|
constexpr | field (const unsigned long input) noexcept |
| |
|
constexpr | field (const unsigned int input) noexcept |
| |
|
constexpr | field (const unsigned long long input) noexcept |
| |
|
constexpr | field (const int input) noexcept |
| |
|
constexpr | field (const uint64_t a, const uint64_t b, const uint64_t c, const uint64_t d) noexcept |
| |
| constexpr | field (const uint512_t &input) noexcept |
| | Convert a 512-bit big integer into a field element.
|
| |
|
constexpr | field (std::string input) noexcept |
| |
|
constexpr | operator uint32_t () const |
| |
|
constexpr | operator uint64_t () const |
| |
|
constexpr | operator uint128_t () const |
| |
|
constexpr | operator uint256_t () const noexcept |
| |
|
constexpr uint256_t | uint256_t_no_montgomery_conversion () const noexcept |
| |
|
constexpr | field (const field &other) noexcept=default |
| |
|
constexpr | field (field &&other) noexcept=default |
| |
|
constexpr field & | operator= (const field &other) noexcept=default |
| |
|
constexpr field & | operator= (field &&other) noexcept=default |
| |
| BBERG_INLINE constexpr field | operator* (const field &other) const noexcept |
| |
| BBERG_INLINE constexpr field | operator+ (const field &other) const noexcept |
| |
| BBERG_INLINE constexpr field | operator- (const field &other) const noexcept |
| |
|
BBERG_INLINE constexpr field | operator- () const noexcept |
| |
|
constexpr field | operator/ (const field &other) const noexcept |
| |
|
BBERG_INLINE constexpr field | operator++ () noexcept |
| |
|
BBERG_INLINE constexpr field | operator++ (int) noexcept |
| |
|
BBERG_INLINE constexpr field & | operator*= (const field &other) noexcept |
| |
|
BBERG_INLINE constexpr field & | operator+= (const field &other) noexcept |
| |
|
BBERG_INLINE constexpr field & | operator-= (const field &other) noexcept |
| |
|
constexpr field & | operator/= (const field &other) noexcept |
| |
| BBERG_INLINE constexpr bool | operator> (const field &other) const noexcept |
| | Greater-than operator.
|
| |
| BBERG_INLINE constexpr bool | operator< (const field &other) const noexcept |
| | Less-than operator.
|
| |
|
BBERG_INLINE constexpr bool | operator== (const field &other) const noexcept |
| |
|
BBERG_INLINE constexpr bool | operator!= (const field &other) const noexcept |
| |
|
BBERG_INLINE constexpr field | to_montgomery_form () const noexcept |
| |
|
BBERG_INLINE constexpr field | from_montgomery_form () const noexcept |
| |
| BBERG_INLINE constexpr field | sqr () const noexcept |
| |
|
BBERG_INLINE constexpr void | self_sqr () noexcept |
| |
|
BBERG_INLINE constexpr field | pow (const uint256_t &exponent) const noexcept |
| |
|
BBERG_INLINE constexpr field | pow (uint64_t exponent) const noexcept |
| |
|
constexpr field | invert () const noexcept |
| |
| constexpr std::pair< bool, field > | sqrt () const noexcept |
| | Compute the square root of the field element.
|
| |
|
BBERG_INLINE constexpr void | self_neg () noexcept |
| |
|
BBERG_INLINE constexpr void | self_to_montgomery_form () noexcept |
| |
|
BBERG_INLINE constexpr void | self_from_montgomery_form () noexcept |
| |
|
BBERG_INLINE constexpr void | self_conditional_negate (uint64_t predicate) noexcept |
| |
|
BBERG_INLINE constexpr field | reduce_once () const noexcept |
| |
|
BBERG_INLINE constexpr void | self_reduce_once () noexcept |
| |
|
BBERG_INLINE constexpr void | self_set_msb () noexcept |
| |
|
BBERG_INLINE constexpr bool | is_msb_set () const noexcept |
| |
|
BBERG_INLINE constexpr uint64_t | is_msb_set_word () const noexcept |
| |
|
BBERG_INLINE constexpr bool | is_zero () const noexcept |
| |
|
BBERG_INLINE std::vector< uint8_t > | to_buffer () const |
| |
|
BBERG_INLINE constexpr wide_array | mul_512 (const field &other) const noexcept |
| |
|
BBERG_INLINE constexpr wide_array | sqr_512 () const noexcept |
| |
|
BBERG_INLINE constexpr field | conditionally_subtract_from_double_modulus (const uint64_t predicate) const noexcept |
| |
|
void | msgpack_pack (auto &packer) const |
| |
|
void | msgpack_unpack (auto o) |
| |
|
void | msgpack_schema (auto &packer) const |
| |
For short Weierstrass curves y^2 = x^3 + b mod r, if there exists a cube root of unity mod r, we can take advantage of an endomorphism to decompose a 254-bit scalar into two 128-bit scalars. \beta = cube root of 1 mod q (q = order of fq); \lambda = cube root of 1 mod r (r = order of fr).
For a point P1 = (X, Y), where Y^2 = X^3 + b, we know that the point P2 = (X * \beta, Y) is also a point on the curve. We can represent P2 as a scalar multiple of P1: P2 = \lambda * P1.
For a generic multiplication of P1 by a 254-bit scalar k, we can decompose k into two 127-bit scalars (k1, k2) such that k = k1 - (k2 * \lambda).
We can now represent (k * P1) as (k1 * P1) - (k2 * P2), where P2 = (X * \beta, Y). As k1 and k2 have half the bit length of k, we have halved the number of loop iterations of our scalar multiplication algorithm.
To find k1, k2, we use the extended Euclidean algorithm to find four short scalars [a1, a2], [b1, b2] such that modulus = (a1 * b2) - (b1 * a2). We then compute scalars c1 = round(b2 * k / r), c2 = round(b1 * k / r), where k1 = (c1 * a1) + (c2 * a2), k2 = -((c1 * b1) + (c2 * b2)). We pre-compute scalars g1 = (2^256 * b1) / n, g2 = (2^256 * b2) / n, to avoid having to perform long division on 512-bit scalars.