| @@ -3,7 +3,9 @@ | |||||
| F = GF(2^255-19) | F = GF(2^255-19) | ||||
| d = -121665 | d = -121665 | ||||
| M = EllipticCurve(F,[0,2-4*d,0,1,0]) | M = EllipticCurve(F,[0,2-4*d,0,1,0]) | ||||
| sqrtN1 = sqrt(F(-1)) | |||||
| def maybe(): return randint(0,1) | def maybe(): return randint(0,1) | ||||
| def qpositive(x): | def qpositive(x): | ||||
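Review bot: The new module-level `sqrtN1 = sqrt(F(-1))` has no comment saying which of the two square roots of -1 it holds, and nothing visible in this hunk pins that choice. If any output is compared byte-for-byte against another implementation, the sign of this constant matters. I would add a comment such as `# a square root of -1 in F, computed once for isqrt(); either root works only if callers normalise sign`, after confirming that against the callers, which are outside this hunk.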
| @@ -39,21 +41,16 @@ def decaf_encode_from_E(X,Y): | |||||
| return s | return s | ||||
| def isqrt(x): | def isqrt(x): | ||||
| assert(x.is_square()) | |||||
| def op(st,sh,add): | |||||
| x,y,z = st | |||||
| return x,st[1]^(2^sh)*st[add],y | |||||
| ops = [(1,0),(1,0),(3,1),(6,1),(1,0),(12,2),(25,1),(25,2),(50,2),(125,1),(2,0),(1,0)] | |||||
| st = (x,x,x) | |||||
| for sh,add in ops: | |||||
| st = op(st,sh,add) | |||||
| #assert st[2] == x^(2^252-3) | |||||
| i = sqrt(F(-1)) | |||||
| if st[1] == 1: return st[2] | |||||
| else: return st[2] * i | |||||
| ops = [(1,2),(1,2),(3,1),(6,0),(1,2),(12,1),(25,1),(25,1),(50,0),(125,0),(2,2),(1,2)] | |||||
| st = [x,x,x] | |||||
| for i,(sh,add) in enumerate(ops): | |||||
| od = i&1 | |||||
| st[od] = st[od^^1]^(2^sh)*st[add] | |||||
| # assert st[2] == x^(2^252-3) | |||||
| assert st[1] == 1 or st[1] == -1 | |||||
| if st[1] == 1: return st[0] | |||||
| else: return st[0] * sqrtN1 | |||||
| def decaf_encode_from_E_c(X,Y): | def decaf_encode_from_E_c(X,Y): | ||||
| Z = F.random_element() | Z = F.random_element() | ||||
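Review bot: The added `assert st[1] == 1 or st[1] == -1` in `isqrt` fails for x = 0, because every state entry is a product of powers of x and so `st[1]` is 0 there. The earlier version, as far as the rendered columns show, passed `x.is_square()` for zero and returned 0. The call sites are outside this hunk, so if zero can reach `isqrt`, handle it before the chain with `if x == 0: return F(0)`, or state in a docstring that zero and non-squares are rejected. The commented check `# assert st[2] == x^(2^252-3)` is also stale: with `od = i&1` the loop only writes `st[0]` and `st[1]`, so `st[2]` stays equal to x and the returned value is in `st[0]`. Update the index or drop the comment.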