short_weierstrass/element_g1_affine.hpp
Go to the documentation of this file.
1 //---------------------------------------------------------------------------//
2 // Copyright (c) 2020-2021 Mikhail Komarov <nemo@nil.foundation>
3 // Copyright (c) 2020-2021 Nikita Kaskov <nbering@nil.foundation>
4 // Copyright (c) 2020-2021 Ilias Khairullin <ilias@nil.foundation>
5 //
6 // MIT License
7 //
8 // Permission is hereby granted, free of charge, to any person obtaining a copy
9 // of this software and associated documentation files (the "Software"), to deal
10 // in the Software without restriction, including without limitation the rights
11 // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
12 // copies of the Software, and to permit persons to whom the Software is
13 // furnished to do so, subject to the following conditions:
14 //
15 // The above copyright notice and this permission notice shall be included in all
16 // copies or substantial portions of the Software.
17 //
18 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
21 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
22 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
23 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
24 // SOFTWARE.
25 //---------------------------------------------------------------------------//
26 
27 #ifndef CRYPTO3_ALGEBRA_CURVES_SHORT_WEIERSTRASS_G1_ELEMENT_HPP
28 #define CRYPTO3_ALGEBRA_CURVES_SHORT_WEIERSTRASS_G1_ELEMENT_HPP
29 
30 #include <nil/crypto3/algebra/curves/detail/scalar_mul.hpp>
31 #include <nil/crypto3/algebra/curves/forms.hpp>
32 
33 #include <nil/crypto3/algebra/curves/detail/forms/short_weierstrass/coordinates.hpp>
34 
35 namespace nil {
36  namespace crypto3 {
37  namespace algebra {
38  namespace curves {
39  namespace detail {
45  template<typename CurveParams, typename Form, typename Coordinates>
46  struct curve_element;
47 
53  template<typename CurveParams>
54  struct curve_element<CurveParams, forms::short_weierstrass, coordinates::affine> {
55 
56  using field_type = typename CurveParams::field_type;
57 
58  private:
59  using params_type = CurveParams;
60  using field_value_type = typename field_type::value_type;
61 
62  public:
63  using form = forms::short_weierstrass;
64  using coordinates = coordinates::affine;
65 
66  using group_type = typename params_type::template group_type<coordinates>;
67 
68  field_value_type X;
69  field_value_type Y;
70 
71  /************************* Constructors and zero/one ***********************************/
72 
77  constexpr curve_element() :
78  curve_element(params_type::zero_fill[0], params_type::zero_fill[1]) {};
79 
84  constexpr curve_element(field_value_type in_X, field_value_type in_Y) {
85  this->X = in_X;
86  this->Y = in_Y;
87  };
88 
92  constexpr static curve_element zero() {
93  return curve_element();
94  }
95 
99  constexpr static curve_element one() {
100  return curve_element(params_type::one_fill[0], params_type::one_fill[1]);
101  }
102 
103  /************************* Comparison operations ***********************************/
104 
105  constexpr bool operator==(const curve_element &other) const {
106  if (this->is_zero()) {
107  return other.is_zero();
108  }
109 
110  if (other.is_zero()) {
111  return false;
112  }
113 
114  /* now neither is O */
115 
116  if (this->X != other.X) {
117  return false;
118  }
119 
120  if (this->Y != other.Y) {
121  return false;
122  }
123 
124  return true;
125  }
126 
127  constexpr bool operator!=(const curve_element &other) const {
128  return !(operator==(other));
129  }
130 
135  constexpr bool is_zero() const {
136  return X == params_type::zero_fill[0] && Y == params_type::zero_fill[0];
137  }
138 
139  /************************* Reducing operations ***********************************/
140 
146  constexpr curve_element<params_type, form, typename curves::coordinates::projective>
147  to_projective() const {
148 
149  using result_type =
150  curve_element<params_type, form, typename curves::coordinates::projective>;
151 
152  return result_type(X, Y,
153  result_type::field_type::value_type::one()); // X = x, Y = y, Z = 1
154  }
155 
156  /************************* Arithmetic operations ***********************************/
157 
158  constexpr curve_element operator=(const curve_element &other) {
159  // handle special cases having to do with O
160  this->X = other.X;
161  this->Y = other.Y;
162 
163  return *this;
164  }
165 
166  constexpr curve_element operator+(const curve_element &other) const {
167  // handle special cases having to do with O
168  if (this->is_zero()) {
169  return other;
170  }
171 
172  if (other.is_zero()) {
173  return (*this);
174  }
175 
176  if (*this == other) {
177  return this->doubled();
178  }
179 
180  return this->add(other);
181  }
182 
183  constexpr curve_element operator-() const {
184  return curve_element(this->X, -this->Y);
185  }
186 
187  constexpr curve_element operator-(const curve_element &other) const {
188  return (*this) + (-other);
189  }
190 
197  constexpr curve_element doubled() const {
198 
199  if (this->is_zero()) {
200  return (*this);
201  } else {
202  field_value_type Xsquared = X.squared();
203  field_value_type Xsquared3pa = Xsquared.doubled() + Xsquared + params_type::a;
204  field_value_type Xsquared3pasquared = Xsquared3pa.squared();
205  field_value_type Y2squared = Y.doubled().squared();
206 
207  field_value_type X3 = Xsquared3pasquared * Y2squared.inversed() - X - X;
208  field_value_type Y3 = (X.doubled() + X) * Xsquared3pa * Y.doubled().inversed() -
209  Xsquared3pasquared * Xsquared3pa * Y2squared * (Y.doubled()) - Y;
210  }
211  }
212 
213  private:
219  curve_element add(const curve_element &other) const {
220  field_value_type Y2mY1 = other.Y - this->Y;
221  field_value_type Y2mY1squared = Y2mY1.squared();
222  field_value_type X2mX1 = other.X - this->X;
223  field_value_type X2mX1squared = X2mX1.squared();
224 
225  field_value_type X3 = Y2mY1squared * X2mX1squared.inversed() - this->X - other.X;
226  field_value_type Y3 = ((this - X).doubled() + other.X) * Y2mY1 * X2mX1.inversed() -
227  Y2mY1 * Y2mY1squared * (X2mX1 * X2mX1squared).inversed() - this->Y;
228 
229  return curve_element(X3, Y3);
230  }
231  };
232 
233  } // namespace detail
234  } // namespace curves
235  } // namespace algebra
236  } // namespace crypto3
237 } // namespace nil
238 #endif // CRYPTO3_ALGEBRA_CURVES_SHORT_WEIERSTRASS_G1_ELEMENT_HPP
scalar_mul.hpp
nil::crypto3::algebra::operator==
constexpr bool operator==(const matrix< T, N, M > &a, const matrix< T, N, M > &b)
checks equality of two matrices
Definition: matrix/operators.hpp:48
nil::crypto3::math::is_zero
bool is_zero(const Range &a)
Definition: basic_operations.hpp:43
nil
Definition: pair.hpp:31
coordinates.hpp
nil::crypto3::algebra::curves::coordinates::affine
Jacobi quatrics curve group element coordinates representation. Description: https://hyperelliptic....
Definition: jacobi_quartics/coordinates.hpp:40
nil::crypto3::algebra::curves::detail::curve_element< CurveParams, forms::short_weierstrass, coordinates::affine >::operator-
constexpr curve_element operator-(const curve_element &other) const
Definition: short_weierstrass/element_g1_affine.hpp:187
nil::crypto3::algebra::curves::detail::curve_element< CurveParams, forms::short_weierstrass, coordinates::affine >::field_type
typename CurveParams::field_type field_type
Definition: short_weierstrass/element_g1_affine.hpp:56
nil::crypto3::algebra::curves::detail::curve_element< CurveParams, forms::short_weierstrass, coordinates::affine >::operator=
constexpr curve_element operator=(const curve_element &other)
Definition: short_weierstrass/element_g1_affine.hpp:158
nil::crypto3::algebra::curves::detail::curve_element< CurveParams, forms::short_weierstrass, coordinates::affine >::doubled
constexpr curve_element doubled() const
Affine doubling formulas: 2(x1,y1)=(x3,y3) where x3 = (3*x12+a)2/(2*y1)2-x1-x1 y3 = (2*x1+x1)*(3*x12+...
Definition: short_weierstrass/element_g1_affine.hpp:197
nil::crypto3::algebra::curves::detail::curve_element< CurveParams, forms::short_weierstrass, coordinates::affine >::to_projective
constexpr curve_element< params_type, form, typename curves::coordinates::projective > to_projective() const
Definition: short_weierstrass/element_g1_affine.hpp:147
nil::crypto3::algebra::curves::detail::curve_element< CurveParams, forms::short_weierstrass, coordinates::affine >::X
field_value_type X
Definition: short_weierstrass/element_g1_affine.hpp:68
nil::crypto3::algebra::curves::detail::curve_element< CurveParams, forms::short_weierstrass, coordinates::affine >::zero
constexpr static curve_element zero()
Get the point at infinity.
Definition: short_weierstrass/element_g1_affine.hpp:92
nil::crypto3::algebra::curves::detail::curve_element< CurveParams, forms::short_weierstrass, coordinates::affine >::operator+
constexpr curve_element operator+(const curve_element &other) const
Definition: short_weierstrass/element_g1_affine.hpp:166
nil::crypto3::algebra::curves::detail::curve_element< CurveParams, forms::short_weierstrass, coordinates::affine >::curve_element
constexpr curve_element()
Definition: short_weierstrass/element_g1_affine.hpp:77
nil::crypto3::algebra::curves::detail::curve_element< CurveParams, forms::short_weierstrass, coordinates::affine >::group_type
typename params_type::template group_type< coordinates > group_type
Definition: short_weierstrass/element_g1_affine.hpp:66
nil::crypto3::algebra::curves::detail::curve_element< CurveParams, forms::short_weierstrass, coordinates::affine >::Y
field_value_type Y
Definition: short_weierstrass/element_g1_affine.hpp:69
nil::crypto3::algebra::curves::detail::curve_element< CurveParams, forms::short_weierstrass, coordinates::affine >::one
constexpr static curve_element one()
Get the generator of group G1.
Definition: short_weierstrass/element_g1_affine.hpp:99
nil::crypto3::algebra::curves::detail::curve_element< CurveParams, forms::short_weierstrass, coordinates::affine >::operator==
constexpr bool operator==(const curve_element &other) const
Definition: short_weierstrass/element_g1_affine.hpp:105
nil::crypto3::algebra::curves::detail::curve_element< CurveParams, forms::short_weierstrass, coordinates::affine >::operator-
constexpr curve_element operator-() const
Definition: short_weierstrass/element_g1_affine.hpp:183
nil::crypto3::algebra::curves::detail::curve_element< CurveParams, forms::short_weierstrass, coordinates::affine >::is_zero
constexpr bool is_zero() const
Definition: short_weierstrass/element_g1_affine.hpp:135
nil::crypto3::algebra::curves::detail::curve_element< CurveParams, forms::short_weierstrass, coordinates::affine >::curve_element
constexpr curve_element(field_value_type in_X, field_value_type in_Y)
Definition: short_weierstrass/element_g1_affine.hpp:84
nil::crypto3::algebra::curves::detail::curve_element< CurveParams, forms::short_weierstrass, coordinates::affine >::operator!=
constexpr bool operator!=(const curve_element &other) const
Definition: short_weierstrass/element_g1_affine.hpp:127
nil::crypto3::algebra::curves::detail::curve_element
A struct representing a group G1 of elliptic curve.
Definition: algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/inverted/element_g1.hpp:50
nil::crypto3::algebra::curves::forms::short_weierstrass
Definition: forms.hpp:67
nil::crypto3::algebra::curves::forms
Definition: forms.hpp:34