Skip to content
This repository has been archived by the owner on Nov 9, 2023. It is now read-only.

Implement Point Compression/Decompression for Twisted Edwards Coordinates. #69

Merged
merged 7 commits into from
Jul 23, 2019
Merged

Implement Point Compression/Decompression for Twisted Edwards Coordinates. #69

merged 7 commits into from
Jul 23, 2019

Conversation

CPerezz
Copy link
Contributor

@CPerezz CPerezz commented Jul 23, 2019

This PR closes #30

On this PR are included the functions that allow encoding an EdwardsPoint as a CompressedEdwardsY, which is the most optimal way of representing a point over the Twisted Edwards Extended Coordinates.

The CompressedEdwardsY consists on the y-coordinate of the EdwardsPoint encoded as bytes
and the highest bit of the last byte of it set to:

  • 1 => X has a positive sign.
  • 0 => X has a negative sign.

decompress() returns an Option<EdwardsPoint> since we cannot assume that the y is a valid coordinate over the curve.

CPerezz added 7 commits July 19, 2019 15:22
@CPerezz
Impl Eq and PartialEq for CompressedEdwardsY
a6a190e 
This two trait impl rely on the `ConstantTimeEq`
impl which compares both point sets con CTTime.
@CPerezz
Impl find_xx() fn on edwards.rs
776ac7b 
Given a `y-coordinate´, this function solves the equation of the curve
returning a FieldElement with `x^2` represented on it.
@CPerezz
Impl Point compression for EdwardsPoint
ba4cb82 
This function compresses an EdwardsPoint into a
`CompressedEdwardsY`.
It encodes the sign of the x-coordinate and sets
it on the highest bit of the last byte of the
compressed point.

1 => positive.
0 => negative.
@CPerezz
Implement tests for point compression.
c908b47 
The `compress()` function had an error since it was
encoding the x-coordinate and not the `y` one as
bytes.

Refactored this, tests were done and all of them passed.
@CPerezz
Finnish compression tests
328d501 
Implemented tests for both results of point
compression.
All sign encodings are valid and correct.

This finnishes the half part of #30
@CPerezz
Implement Point Decompression for CompressedEdwardsY
5230db6 
This function returns `None` if the y-coordinate
of the point does not rely on the curve.

Otherways, returns Some(ExtendedPoint) with the
result shown as a `EdwardsPoint` struct.
@CPerezz
Refactor choice comparaisons shape.
daeee74 
It's easier to execute the comparaisons by
unwraping the Choice and comparing it to
`1u8` than getting a bool from the Choice.
@CPerezz CPerezz added enhancement New feature or request review needed This PR, MR or Issue status needs to be reviewed. documentation Improvements or additions to documentation end_user_utility This feature provides value for the end-user speed_improvement New implementation or changes that speed up existing processes. labels Jul 23, 2019
@CPerezz CPerezz requested a review from LukePearson1 July 23, 2019 00:16
@codecov
Copy link

codecov bot commented Jul 23, 2019
edited
Loading

Codecov Report

Merging #69 into master will increase coverage by 0.62%.
The diff coverage is 100%.

Impacted file tree graph

@@            Coverage Diff            @@
##           master     #69      +/-   ##
=========================================
+ Coverage   96.77%   97.4%   +0.62%     
=========================================
  Files           4       4              
  Lines        2358    2544     +186     
=========================================
+ Hits         2282    2478     +196     
+ Misses         76      66      -10
Impacted Files Coverage Δ
src/edwards.rs 92.46% <100%> (+4.76%) ⬆️
src/backend/u64/field.rs 99.34% <100%> (ø) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5881858...daeee74. Read the comment docs.

@CPerezz
Copy link
Contributor Author

CPerezz commented Jul 23, 2019

@Bounce23, once you review this, (if everything it's okay), merge it!

LukePearson1
LukePearson1 reviewed Jul 23, 2019
View reviewed changes
src/edwards.rs
@@ -822,7 +871,7 @@ impl ConstantTimeEq for AffinePoint {

impl PartialEq for AffinePoint {
fn eq(&self, other: &Self) -> bool {
bool::from(self.ct_eq(&other))
self.ct_eq(&other).unwrap_u8() == 1u8
}
}
Copy link
Contributor

@LukePearson1 LukePearson1 Jul 23, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The projective here is perfect, is there a means of hyperlinking or somehow directing users from this code to worked examples in other parts of the library?

LukePearson1
LukePearson1 reviewed Jul 23, 2019
View reviewed changes
src/backend/u64/field.rs
@@ -448,7 +448,7 @@ impl<'a> ModSqrt for &'a FieldElement {
let b;
while i < m {
i = i + one;
if bool::from(t.pow(&e).ct_eq(&one)) {break;}
if t.pow(&e).ct_eq(&one).unwrap_u8() == 1u8 {break;}
e = e * two;
}

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is approved, however, I want to open an issue for using a different modular method (perhaps on associated with the inverse function), to determine positive and negative outputs from the prime_mod_sqrt function.

LukePearson1
LukePearson1 approved these changes Jul 23, 2019
View reviewed changes
Copy link
Contributor

@LukePearson1 LukePearson1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This approved as it all 'suffices' for moving on to ristretto works. However, if you read the single comments you will see that I am looking to improve the first commit.

@LukePearson1 LukePearson1 merged commit 452c911 into master Jul 23, 2019
@CPerezz CPerezz deleted the compression_edws branch July 24, 2019 10:06
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@LukePearson1 LukePearson1 LukePearson1 approved these changes

Assignees

@CPerezz CPerezz

@LukePearson1 LukePearson1

Labels
documentation Improvements or additions to documentation end_user_utility This feature provides value for the end-user enhancement New feature or request review needed This PR, MR or Issue status needs to be reviewed. speed_improvement New implementation or changes that speed up existing processes.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

#ITEM 2 - Implement Point Compression & Decompression for Edwards Points.
2 participants
@CPerezz @LukePearson1