Struct curve25519_dalek::curve::EdwardsBasepointTable

pub struct EdwardsBasepointTable(pub [[AffineNielsPoint; 8]; 32]);

Precomputation

Methods

impl EdwardsBasepointTable

fn basepoint_mult(&self, scalar: &Scalar) -> ExtendedPoint

Construct an ExtendedPoint from a Scalar, scalar, by computing the multiple aB of the basepoint B.

Precondition: the scalar must be reduced.

The computation proceeds as follows, as described on page 13 of the Ed25519 paper. Write the scalar a in radix 16 with coefficients in [-8,8), i.e.,

a = a_0 + a_1*16¹ + ... + a_63*16^63,

with -8 ≤ a_i < 8. Then

a*B = a_0*B + a_1*16^1*B + ... + a_63*16^63*B.

Grouping even and odd coefficients gives

a*B = a_0*16^0*B + a_2*16^2*B + ... + a_62*16^62*B + a_1*16^1*B + a_3*16^3*B + ... + a_63*16^63*B = (a_0*16^0*B + a_2*16^2*B + ... + a_62*16^62*B) + 16*(a_1*16^0*B + a_3*16^2*B + ... + a_63*16^62*B).

We then use the select_precomputed_point function, which takes -8 ≤ x < 8 and [16^2i * B, ..., 8 * 16^2i * B], and returns x * 16^2i * B in constant time.

Trait Implementations

impl Clone for EdwardsBasepointTable

fn clone(&self) -> EdwardsBasepointTable

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.