class Noble::Ed25519::ExtendedPoint

Overview

Extended Point works in extended coordinates: (x, y, z, t) ∋ (x=x/z, y=y/z, t=xy). Default Point works in affine coordinates: (x, y) https://en.wikipedia.org/wiki/Twisted_Edwards_curve#Extended_coordinates

Defined in:

noble-ed25519.cr

Constant Summary

BASE = ExtendedPoint.new(Curve::Gx, Curve::Gy, One, Noble::Ed25519.mod(Curve::Gx * Curve::Gy))
ZERO = ExtendedPoint.new(Zero, One, One, Zero)

Constructors

Class Method Summary

Instance Method Summary

Constructor Detail

def self.fromAffine(p : Point) : ExtendedPoint #

[View source]
def self.new(x : BigInt, y : BigInt, z : BigInt, t : BigInt) #

[View source]

Class Method Detail

def self.normalizeZ(points : Array(ExtendedPoint)) : Array(ExtendedPoint) #

[View source]
def self.toAffineBatch(points : Array(ExtendedPoint)) : Array(Point) #

Takes a bunch of Jacobian Points but executes only one invert on all of them. invert is very slow operation, so this improves performance massively.


[View source]

Instance Method Detail

def ==(other : ExtendedPoint) : Bool #

[View source]
def add(other : ExtendedPoint) #

Fast algo for adding 2 Extended Points when curve's a=-1. http://hyperelliptic.org/EFD/g1p/auto-twisted-extended-1.html#addition-add-2008-hwcd-4 Cost: 8M + 8add + 2*2. Note: It does not check whether the other point is valid.


[View source]
def double : ExtendedPoint #

Fast algo for doubling Extended Point when curve's a=-1. http://hyperelliptic.org/EFD/g1p/auto-twisted-extended-1.html#doubling-dbl-2008-hwcd Cost: 3M + 4S + 1a + 7add + 12.


[View source]
def equals(other : ExtendedPoint) : Bool #

Compare one point to another.


[View source]
def isSmallOrder : Bool #

[View source]
def isTorsionFree : Bool #

[View source]
def multiply(scalar : Int, affinePoint : Point | Nil) : ExtendedPoint #

Constant time multiplication. Uses wNAF method. Windowed method may be 10% faster, but takes 2x longer to generate and consumes 2x memory.


[View source]
def multiplyUnsafe(scalar : Int) : ExtendedPoint #

Non-constant-time multiplication. Uses double-and-add algorithm. It's faster, but should only be used when you don't care about an exposed private key e.g. sig verification. Allows scalar bigger than curve order, but less than 2^256


[View source]
def negate : ExtendedPoint #

Inverses point to one corresponding to (x, -y) in Affine coordinates.


[View source]
def subtract(other : ExtendedPoint) : ExtendedPoint #

[View source]
def t : BigInt #

[View source]
def t=(t : BigInt) #

[View source]
def toAffine(invZ : BigInt = Noble::Ed25519.invert(@z)) : Point #

Converts Extended point to default (x, y) coordinates. Can accept precomputed Z^-1 - for example, from invertBatch.


[View source]
def x : BigInt #

[View source]
def x=(x : BigInt) #

[View source]
def y : BigInt #

[View source]
def y=(y : BigInt) #

[View source]
def z : BigInt #

[View source]
def z=(z : BigInt) #

[View source]