Struct curve25519_dalek::ristretto::RistrettoPoint

pub struct RistrettoPoint(_);

A RistrettoPoint represents a point in the Ristretto group for Curve25519. Ristretto, a variant of Decaf, constructs a prime-order group as a quotient group of a subgroup of (the Edwards form of) Curve25519.

Internally, a RistrettoPoint is implemented as a wrapper type around EdwardsPoint, with custom equality, compression, and decompression routines to account for the quotient. This means that operations on RistrettoPoints are exactly as fast as operations on EdwardsPoints.

Methods

impl RistrettoPoint

fn compress(&self) -> CompressedRistretto

Compress this point using the Ristretto encoding.

fn double_and_compress_batch<'a, I>(points: I) -> Vec<CompressedRistretto> where
    I: IntoIterator<Item = &'a RistrettoPoint>, 

Double-and-compress a batch of points. The Ristretto encoding is not batchable, since it requires an inverse square root.

However, given input points \( P_1, \ldots, P_n, \) it is possible to compute the encodings of their doubles \( \mathrm{enc}( [2]P_1), \ldots, \mathrm{enc}( [2]P_n ) \) in a batch.

This function has optimal performance when the batch size is a power of two, but this is not a requirement.

extern crate rand;
use rand::OsRng;

let mut rng = OsRng::new().unwrap();
let points: Vec<RistrettoPoint> =
    (0..32).map(|_| RistrettoPoint::random(&mut rng)).collect();

let compressed = RistrettoPoint::double_and_compress_batch(&points);

for (P, P2_compressed) in points.iter().zip(compressed.iter()) {
    assert_eq!(*P2_compressed, (P + P).compress());
}

fn random<T: Rng>(rng: &mut T) -> Self

Return a RistrettoPoint chosen uniformly at random using a user-provided RNG.

Inputs

• rng: any RNG which implements the rand::Rng interface.

Returns

A random element of the Ristretto group.

Implementation

Uses the Ristretto-flavoured Elligator 2 map, so that the discrete log of the output point with respect to any other point should be unknown.

fn hash_from_bytes<D>(input: &[u8]) -> RistrettoPoint where
    D: Digest<OutputSize = U32> + Default, 

Hash a slice of bytes into a RistrettoPoint.

Takes a type parameter D, which is any Digest producing 32 bytes (256 bits) of output.

Convenience wrapper around from_hash.

Implementation

Uses the Ristretto-flavoured Elligator 2 map, so that the discrete log of the output point with respect to any other point should be unknown.

Example

extern crate sha2;
use sha2::Sha256;

let msg = "To really appreciate architecture, you may even need to commit a murder";
let P = RistrettoPoint::hash_from_bytes::<Sha256>(msg.as_bytes());

fn from_hash<D>(hash: D) -> RistrettoPoint where
    D: Digest<OutputSize = U32> + Default, 

Construct a RistrettoPoint from an existing Digest instance.

Use this instead of hash_from_bytes if it is more convenient to stream data into the Digest than to pass a single byte slice.

Trait Implementations

impl Copy for RistrettoPoint

impl Clone for RistrettoPoint

fn clone(&self) -> RistrettoPoint

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Identity for RistrettoPoint

fn identity() -> RistrettoPoint

Returns the identity element of the curve. Can be used as a constructor.

impl PartialEq for RistrettoPoint

fn eq(&self, other: &RistrettoPoint) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=.

impl Equal for RistrettoPoint

fn ct_eq(&self, other: &RistrettoPoint) -> u8

Test equality between two RistrettoPoints.

Returns

1u8 if the two RistrettoPoints are equal, and 0u8 otherwise.

impl Eq for RistrettoPoint

impl<'a, 'b> Add<&'b RistrettoPoint> for &'a RistrettoPoint

type Output = RistrettoPoint

The resulting type after applying the + operator.

fn add(self, other: &'b RistrettoPoint) -> RistrettoPoint

Performs the + operation.

impl<'b> Add<&'b RistrettoPoint> for RistrettoPoint

type Output = RistrettoPoint

The resulting type after applying the + operator.

fn add(self, rhs: &'b RistrettoPoint) -> RistrettoPoint

Performs the + operation.

impl<'a> Add<RistrettoPoint> for &'a RistrettoPoint

type Output = RistrettoPoint

The resulting type after applying the + operator.

fn add(self, rhs: RistrettoPoint) -> RistrettoPoint

Performs the + operation.

impl Add<RistrettoPoint> for RistrettoPoint

type Output = RistrettoPoint

The resulting type after applying the + operator.

fn add(self, rhs: RistrettoPoint) -> RistrettoPoint

Performs the + operation.

impl<'b> AddAssign<&'b RistrettoPoint> for RistrettoPoint

fn add_assign(&mut self, _rhs: &RistrettoPoint)

Performs the += operation.

impl AddAssign<RistrettoPoint> for RistrettoPoint

fn add_assign(&mut self, rhs: RistrettoPoint)

Performs the += operation.

impl<'a, 'b> Sub<&'b RistrettoPoint> for &'a RistrettoPoint

type Output = RistrettoPoint

The resulting type after applying the - operator.

fn sub(self, other: &'b RistrettoPoint) -> RistrettoPoint

Performs the - operation.

impl<'b> Sub<&'b RistrettoPoint> for RistrettoPoint

type Output = RistrettoPoint

The resulting type after applying the - operator.

fn sub(self, rhs: &'b RistrettoPoint) -> RistrettoPoint

Performs the - operation.

impl<'a> Sub<RistrettoPoint> for &'a RistrettoPoint

type Output = RistrettoPoint

The resulting type after applying the - operator.

fn sub(self, rhs: RistrettoPoint) -> RistrettoPoint

Performs the - operation.

impl Sub<RistrettoPoint> for RistrettoPoint

type Output = RistrettoPoint

The resulting type after applying the - operator.

fn sub(self, rhs: RistrettoPoint) -> RistrettoPoint

Performs the - operation.

impl<'b> SubAssign<&'b RistrettoPoint> for RistrettoPoint

fn sub_assign(&mut self, _rhs: &RistrettoPoint)

Performs the -= operation.

impl SubAssign<RistrettoPoint> for RistrettoPoint

fn sub_assign(&mut self, rhs: RistrettoPoint)

Performs the -= operation.

impl<'a> Neg for &'a RistrettoPoint

type Output = RistrettoPoint

The resulting type after applying the - operator.

fn neg(self) -> RistrettoPoint

Performs the unary - operation.

impl Neg for RistrettoPoint

type Output = RistrettoPoint

The resulting type after applying the - operator.

fn neg(self) -> RistrettoPoint

Performs the unary - operation.

impl<'b> MulAssign<&'b Scalar> for RistrettoPoint

fn mul_assign(&mut self, scalar: &'b Scalar)

Performs the *= operation.

impl<'a, 'b> Mul<&'b Scalar> for &'a RistrettoPoint

type Output = RistrettoPoint

The resulting type after applying the * operator.

fn mul(self, scalar: &'b Scalar) -> RistrettoPoint

Scalar multiplication: compute scalar * self.

impl MulAssign<Scalar> for RistrettoPoint

fn mul_assign(&mut self, rhs: Scalar)

Performs the *= operation.

impl<'b> Mul<&'b Scalar> for RistrettoPoint

type Output = RistrettoPoint

The resulting type after applying the * operator.

fn mul(self, rhs: &'b Scalar) -> RistrettoPoint

Performs the * operation.

impl<'a> Mul<Scalar> for &'a RistrettoPoint

type Output = RistrettoPoint

The resulting type after applying the * operator.

fn mul(self, rhs: Scalar) -> RistrettoPoint

Performs the * operation.

impl Mul<Scalar> for RistrettoPoint

type Output = RistrettoPoint

The resulting type after applying the * operator.

fn mul(self, rhs: Scalar) -> RistrettoPoint

Performs the * operation.

impl ConditionallyAssignable for RistrettoPoint

fn conditional_assign(&mut self, other: &RistrettoPoint, choice: u8)

Conditionally assign other to self, if choice == 1u8.

Example

let A = RistrettoPoint::identity();
let B = constants::RISTRETTO_BASEPOINT_POINT;

let mut P = A;

P.conditional_assign(&B, 0u8);
assert!(P == A);
P.conditional_assign(&B, 1u8);
assert!(P == B);

impl Debug for RistrettoPoint

fn fmt(&self, f: &mut Formatter) -> Result

Formats the value using the given formatter.