Struct curve25519_dalek::ristretto::RistrettoPoint[][src]

pub struct RistrettoPoint(_);

A RistrettoPoint represents a point in the Ristretto group for Curve25519. Ristretto, a variant of Decaf, constructs a prime-order group as a quotient group of a subgroup of (the Edwards form of) Curve25519.

Internally, a RistrettoPoint is implemented as a wrapper type around EdwardsPoint, with custom equality, compression, and decompression routines to account for the quotient. This means that operations on RistrettoPoints are exactly as fast as operations on EdwardsPoints.

Methods

impl RistrettoPoint
[src]

Compress this point using the Ristretto encoding.

Double-and-compress a batch of points. The Ristretto encoding is not batchable, since it requires an inverse square root.

However, given input points \( P_1, \ldots, P_n, \) it is possible to compute the encodings of their doubles \( \mathrm{enc}( [2]P_1), \ldots, \mathrm{enc}( [2]P_n ) \) in a batch.

This function has optimal performance when the batch size is a power of two, but this is not a requirement.

extern crate rand;
use rand::rngs::OsRng;

let mut rng = OsRng::new().unwrap();
let points: Vec<RistrettoPoint> =
    (0..32).map(|_| RistrettoPoint::random(&mut rng)).collect();

let compressed = RistrettoPoint::double_and_compress_batch(&points);

for (P, P2_compressed) in points.iter().zip(compressed.iter()) {
    assert_eq!(*P2_compressed, (P + P).compress());
}

Return a RistrettoPoint chosen uniformly at random using a user-provided RNG.

Inputs

  • rng: any RNG which implements the rand::Rng interface.

Returns

A random element of the Ristretto group.

Implementation

Uses the Ristretto-flavoured Elligator 2 map, so that the discrete log of the output point with respect to any other point should be unknown. The map is applied twice and the results are added, to ensure a uniform distribution.

Hash a slice of bytes into a RistrettoPoint.

Takes a type parameter D, which is any Digest producing 64 bytes of output.

Convenience wrapper around from_hash.

Implementation

Uses the Ristretto-flavoured Elligator 2 map, so that the discrete log of the output point with respect to any other point should be unknown. The map is applied twice and the results are added, to ensure a uniform distribution.

Example

extern crate sha2;
use sha2::Sha512;

let msg = "To really appreciate architecture, you may even need to commit a murder";
let P = RistrettoPoint::hash_from_bytes::<Sha512>(msg.as_bytes());

Construct a RistrettoPoint from an existing Digest instance.

Use this instead of hash_from_bytes if it is more convenient to stream data into the Digest than to pass a single byte slice.

Trait Implementations

impl Copy for RistrettoPoint
[src]

impl Clone for RistrettoPoint
[src]

Returns a copy of the value. Read more

Performs copy-assignment from source. Read more

impl Identity for RistrettoPoint
[src]

Returns the identity element of the curve. Can be used as a constructor. Read more

impl PartialEq for RistrettoPoint
[src]

This method tests for self and other values to be equal, and is used by ==. Read more

This method tests for !=.

impl ConstantTimeEq for RistrettoPoint
[src]

Test equality between two RistrettoPoints.

Returns

  • Choice(1) if the two RistrettoPoints are equal;
  • Choice(0) otherwise.

impl Eq for RistrettoPoint
[src]

impl<'a, 'b> Add<&'b RistrettoPoint> for &'a RistrettoPoint
[src]

The resulting type after applying the + operator.

Performs the + operation.

impl<'b> Add<&'b RistrettoPoint> for RistrettoPoint
[src]

The resulting type after applying the + operator.

Performs the + operation.

impl<'a> Add<RistrettoPoint> for &'a RistrettoPoint
[src]

The resulting type after applying the + operator.

Performs the + operation.

impl Add<RistrettoPoint> for RistrettoPoint
[src]

The resulting type after applying the + operator.

Performs the + operation.

impl<'b> AddAssign<&'b RistrettoPoint> for RistrettoPoint
[src]

Performs the += operation.

impl AddAssign<RistrettoPoint> for RistrettoPoint
[src]

Performs the += operation.

impl<'a, 'b> Sub<&'b RistrettoPoint> for &'a RistrettoPoint
[src]

The resulting type after applying the - operator.

Performs the - operation.

impl<'b> Sub<&'b RistrettoPoint> for RistrettoPoint
[src]

The resulting type after applying the - operator.

Performs the - operation.

impl<'a> Sub<RistrettoPoint> for &'a RistrettoPoint
[src]

The resulting type after applying the - operator.

Performs the - operation.

impl Sub<RistrettoPoint> for RistrettoPoint
[src]

The resulting type after applying the - operator.

Performs the - operation.

impl<'b> SubAssign<&'b RistrettoPoint> for RistrettoPoint
[src]

Performs the -= operation.

impl SubAssign<RistrettoPoint> for RistrettoPoint
[src]

Performs the -= operation.

impl<T> Sum<T> for RistrettoPoint where
    T: Borrow<RistrettoPoint>, 
[src]

Method which takes an iterator and generates Self from the elements by "summing up" the items. Read more

impl<'a> Neg for &'a RistrettoPoint
[src]

The resulting type after applying the - operator.

Performs the unary - operation.

impl Neg for RistrettoPoint
[src]

The resulting type after applying the - operator.

Performs the unary - operation.

impl<'b> MulAssign<&'b Scalar> for RistrettoPoint
[src]

Performs the *= operation.

impl<'a, 'b> Mul<&'b Scalar> for &'a RistrettoPoint
[src]

The resulting type after applying the * operator.

Scalar multiplication: compute scalar * self.

impl<'a, 'b> Mul<&'b RistrettoPoint> for &'a Scalar
[src]

The resulting type after applying the * operator.

Scalar multiplication: compute self * scalar.

impl MulAssign<Scalar> for RistrettoPoint
[src]

Performs the *= operation.

impl<'b> Mul<&'b Scalar> for RistrettoPoint
[src]

The resulting type after applying the * operator.

Performs the * operation.

impl<'a> Mul<Scalar> for &'a RistrettoPoint
[src]

The resulting type after applying the * operator.

Performs the * operation.

impl Mul<Scalar> for RistrettoPoint
[src]

The resulting type after applying the * operator.

Performs the * operation.

impl<'b> Mul<&'b RistrettoPoint> for Scalar
[src]

The resulting type after applying the * operator.

Performs the * operation.

impl<'a> Mul<RistrettoPoint> for &'a Scalar
[src]

The resulting type after applying the * operator.

Performs the * operation.

impl Mul<RistrettoPoint> for Scalar
[src]

The resulting type after applying the * operator.

Performs the * operation.

impl MultiscalarMul for RistrettoPoint
[src]

The type of point being multiplied, e.g., RistrettoPoint.

Given an iterator of (possibly secret) scalars and an iterator of public points, compute $$ Q = c_1 P_1 + \cdots + c_n P_n. $$ Read more

impl VartimeMultiscalarMul for RistrettoPoint
[src]

The type of point being multiplied, e.g., RistrettoPoint.

Given an iterator of (possibly secret) scalars and an iterator of public points, compute $$ Q = c_1 P_1 + \cdots + c_n P_n. $$ Read more

impl ConditionallyAssignable for RistrettoPoint
[src]

Conditionally assign other to self, if choice == Choice(1).

Example

use subtle::ConditionallyAssignable;
use subtle::Choice;

let A = RistrettoPoint::identity();
let B = constants::RISTRETTO_BASEPOINT_POINT;

let mut P = A;

P.conditional_assign(&B, Choice::from(0));
assert_eq!(P, A);
P.conditional_assign(&B, Choice::from(1));
assert_eq!(P, B);

impl Debug for RistrettoPoint
[src]

Formats the value using the given formatter. Read more

Auto Trait Implementations