Struct elastic_elgamal::group::Curve25519Subgroup

source · 
pub struct Curve25519Subgroup(/* private fields */);
Expand description

Prime-order subgroup of Curve25519 without any transforms performed for EC points.

Since the curve has cofactor 8, ElementOps::deserialize_element() implementation explicitly checks on deserializing each EC point that the point is torsion-free (belongs to the prime-order subgroup), which is moderately slow (takes ~0.1ms on a laptop).

Prefer using Ristretto if compatibility with other Curve25519 applications is not a concern. (If it is a concern, beware of cofactor pitfalls!)

Trait Implementations§

source§

impl Clone for Curve25519Subgroup

source§

fn clone(&self) -> Curve25519Subgroup

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for Curve25519Subgroup

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl ElementOps for Curve25519Subgroup

§

type Element = EdwardsPoint

Element of the group. Arithmetic operations requested here (addition among elements and multiplication by a Scalar) must be constant-time.
source§

const ELEMENT_SIZE: usize = 32usize

Byte size of a serialized Self::Element.
source§

fn identity() -> Self::Element

Returns the identity of the group (aka point at infinity for EC groups).
source§

fn is_identity(element: &Self::Element) -> bool

Checks if the specified element is the identity.
source§

fn generator() -> Self::Element

Returns the agreed-upon generator of the group.
source§

fn serialize_element(element: &Self::Element, buffer: &mut [u8])

Serializes element into the provided buffer, which is guaranteed to have length Self::ELEMENT_SIZE.
source§

fn deserialize_element(buffer: &[u8]) -> Option<Self::Element>

Deserializes an element from buffer, which is guaranteed to have length Self::ELEMENT_SIZE. This method returns None if the buffer does not correspond to a representation of a valid scalar.
source§

impl Group for Curve25519Subgroup

source§

fn mul_generator(k: &Scalar) -> Self::Element

Multiplies the provided scalar by ElementOps::generator(). This operation must be constant-time. Read more
source§

fn vartime_mul_generator(k: &Scalar) -> Self::Element

Multiplies the provided scalar by ElementOps::generator(). Unlike Self::mul_generator(), this operation does not need to be constant-time; thus, it may employ additional optimizations. Read more
source§

fn multi_mul<'a, I, J>(scalars: I, elements: J) -> Self::Element
where I: IntoIterator<Item = &'a Self::Scalar>, J: IntoIterator<Item = Self::Element>,

Multiplies provided scalars by elements. This operation must be constant-time w.r.t. the given length of elements. Read more
source§

fn vartime_double_mul_generator( k: &Scalar, k_element: Self::Element, r: &Scalar ) -> Self::Element

Calculates k * k_element + r * G, where G is the group generator. This operation does not need to be constant-time. Read more
source§

fn vartime_multi_mul<'a, I, J>(scalars: I, elements: J) -> Self::Element
where I: IntoIterator<Item = &'a Self::Scalar>, J: IntoIterator<Item = Self::Element>,

Multiplies provided scalars by elements. Unlike Self::multi_mul(), this operation does not need to be constant-time; thus, it may employ additional optimizations. Read more
source§

impl Hash for Curve25519Subgroup

source§

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher. Read more
1.3.0 · source§

fn hash_slice<H>(data: &[Self], state: &mut H)
where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher. Read more
source§

impl PartialEq for Curve25519Subgroup

source§

fn eq(&self, other: &Curve25519Subgroup) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl ScalarOps for Curve25519Subgroup

§

type Scalar = Scalar

Scalar type. As per Group contract, scalars must form a prime field. Arithmetic operations on scalars requested here must be constant-time.
source§

const SCALAR_SIZE: usize = 32usize

Byte size of a serialized Self::Scalar.
source§

fn generate_scalar<R: CryptoRng + RngCore>(rng: &mut R) -> Self::Scalar

Generates a random scalar based on the provided CSPRNG. This operation must be constant-time.
source§

fn scalar_from_random_bytes(source: RandomBytesProvider<'_>) -> Self::Scalar

Generates a scalar from a source of random bytes. This operation must be constant-time. The source is guaranteed to return any necessary number of bytes. Read more
source§

fn invert_scalar(scalar: Self::Scalar) -> Self::Scalar

Inverts the scalar, which is guaranteed to be non-zero. This operation does not need to be constant-time.
source§

fn invert_scalars(scalars: &mut [Self::Scalar])

Inverts scalars in a batch. This operation does not need to be constant-time. Read more
source§

fn serialize_scalar(scalar: &Self::Scalar, buffer: &mut [u8])

Serializes the scalar into the provided buffer, which is guaranteed to have length Self::SCALAR_SIZE.
source§

fn deserialize_scalar(buffer: &[u8]) -> Option<Self::Scalar>

Deserializes the scalar from buffer, which is guaranteed to have length Self::SCALAR_SIZE. This method returns None if the buffer does not correspond to a representation of a valid scalar.
source§

impl Copy for Curve25519Subgroup

source§

impl Eq for Curve25519Subgroup

source§

impl StructuralPartialEq for Curve25519Subgroup

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V