Expand description
§bls12_381
This crate provides an implementation of the BLS12-381 pairing-friendly elliptic curve construction.
- This implementation has not been reviewed or audited. Use at your own risk.
- This implementation targets Rust
1.36or later. - This implementation does not require the Rust standard library.
- All operations are constant time unless explicitly noted.
Re-exports§
pub use g1::G1Affine;groupspub use g1::G1Projective;groups
Modules§
- fp
groups - This module provides an implementation of the BLS12-381 base field
GF(p)wherep = 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab - fp2
groups - This module implements arithmetic over the quadratic extension field Fp2.
- fp6
groups - fp12
groups - g1
groups - This module provides an implementation of the $\mathbb{G}_1$ group of BLS12-381.
- notes
- Notes about how the BLS12-381 elliptic curve is designed, specified and implemented by this library.
Structs§
- Bls12
pairings - A
pairing::Enginefor BLS12-381 pairing operations. - G2Affine
groups - This is an element of $\mathbb{G}_2$ represented in the affine coordinate space. It is ideal to keep elements in this representation to reduce memory usage and improve performance through the use of mixed curve model arithmetic.
- G2Prepared
pairingsandalloc - This structure contains cached computations pertaining to a $\mathbb{G}_2$
element as part of the pairing function (specifically, the Miller loop) and
so should be computed whenever a $\mathbb{G}_2$ element is being used in
multiple pairings or is otherwise known in advance. This should be used in
conjunction with the
multi_miller_loopfunction provided by this crate. - G2Projective
groups - This is an element of $\mathbb{G}_2$ represented in the projective coordinate space.
- Gt
pairings - This is an element of $\mathbb{G}_T$, the target group of the pairing function. As with $\mathbb{G}_1$ and $\mathbb{G}_2$ this group has order $q$.
- Miller
Loop Result pairings - Represents results of a Miller loop, one of the most expensive portions
of the pairing function.
MillerLoopResults cannot be compared with each other until.final_exponentiation()is called, which is also expensive. - Scalar
- Represents an element of the scalar field $\mathbb{F}_q$ of the BLS12-381 elliptic curve construction.
Functions§
- multi_
miller_ loop pairingsandalloc - Computes $$\sum_{i=1}^n \textbf{ML}(a_i, b_i)$$ given a series of terms $$(a_1, b_1), (a_2, b_2), …, (a_n, b_n).$$
- pairing
pairings - Invoke the pairing function without the use of precomputation and other optimizations.