Type Alias EdwardsBasepointTableRadix16

pub type EdwardsBasepointTableRadix16 = EdwardsBasepointTable;

A type-alias for EdwardsBasepointTable because the latter is used as a constructor in the constants module.

Aliased Type

struct EdwardsBasepointTableRadix16(/* private fields */);

Trait Implementations

impl<'a> From<&'a EdwardsBasepointTableRadix128> for EdwardsBasepointTableRadix16

fn from( table: &'a EdwardsBasepointTableRadix128, ) -> EdwardsBasepointTableRadix16

Converts to this type from the input type.

impl<'a> From<&'a EdwardsBasepointTableRadix256> for EdwardsBasepointTableRadix16

fn from( table: &'a EdwardsBasepointTableRadix256, ) -> EdwardsBasepointTableRadix16

Converts to this type from the input type.

impl<'a> From<&'a EdwardsBasepointTableRadix32> for EdwardsBasepointTableRadix16

fn from(table: &'a EdwardsBasepointTableRadix32) -> EdwardsBasepointTableRadix16

Converts to this type from the input type.

impl<'a> From<&'a EdwardsBasepointTableRadix64> for EdwardsBasepointTableRadix16

fn from(table: &'a EdwardsBasepointTableRadix64) -> EdwardsBasepointTableRadix16

Converts to this type from the input type.

impl BasepointTable for EdwardsBasepointTable

fn create(basepoint: &EdwardsPoint) -> EdwardsBasepointTable

Create a table of precomputed multiples of basepoint.

fn basepoint(&self) -> EdwardsPoint

Get the basepoint for this table as an EdwardsPoint.

fn mul_base(&self, scalar: &Scalar) -> EdwardsPoint

The computation uses Pippeneger’s algorithm, as described for the specific case of radix-16 on page 13 of the Ed25519 paper.

Piggenger’s Algorithm Generalised

Write the scalar \(a\) in radix-\(w\), where \(w\) is a power of 2, with coefficients in \([\frac{-w}{2},\frac{w}{2})\), i.e., $$ a = a_0 + a_1 w^1 + \cdots + a_{x} w^{x}, $$ with $$ \begin{aligned} \frac{-w}{2} \leq a_i < \frac{w}{2} &&\cdots&& \frac{-w}{2} \leq a_{x} \leq \frac{w}{2} \end{aligned} $$ and the number of additions, \(x\), is given by \(x = \lceil \frac{256}{w} \rceil\). Then $$ a B = a_0 B + a_1 w^1 B + \cdots + a_{x-1} w^{x-1} B. $$ Grouping even and odd coefficients gives $$ \begin{aligned} a B = \quad a_0 w^0 B +& a_2 w^2 B + \cdots + a_{x-2} w^{x-2} B \\ + a_1 w^1 B +& a_3 w^3 B + \cdots + a_{x-1} w^{x-1} B \\ = \quad(a_0 w^0 B +& a_2 w^2 B + \cdots + a_{x-2} w^{x-2} B) \\ + w(a_1 w^0 B +& a_3 w^2 B + \cdots + a_{x-1} w^{x-2} B). \\ \end{aligned} $$ For each \(i = 0 \ldots 31\), we create a lookup table of $$ [w^{2i} B, \ldots, \frac{w}{2}\cdot w^{2i} B], $$ and use it to select \( y \cdot w^{2i} \cdot B \) in constant time.

The radix-\(w\) representation requires that the scalar is bounded by \(2^{255}\), which is always the case.

The above algorithm is trivially generalised to other powers-of-2 radices.

type Point = EdwardsPoint

The type of point contained within this table.

fn mul_base_clamped(&self, bytes: [u8; 32]) -> Self::Point

Multiply clamp_integer(bytes) by this precomputed basepoint table, in constant time. For a description of clamping, see clamp_integer.

impl Clone for EdwardsBasepointTable

fn clone(&self) -> EdwardsBasepointTable

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for EdwardsBasepointTable

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

Layout

Note: Most layout information is completely unstable and may even differ between compilations. The only exception is types with certain repr(...) attributes. Please see the Rust Reference's “Type Layout” chapter for details on type layout guarantees.

Size: 30720 bytes