Trait elliptic_curve::hash2curve::GroupDigest

source · [−]

pub trait GroupDigest: ProjectiveArithmetic where
    ProjectivePoint<Self>: CofactorGroup, {
    type FieldElement: FromOkm + MapToCurve<Output = ProjectivePoint<Self>> + Default + Copy;

    fn hash_from_bytes<'a, X: ExpandMsg<'a>>(
        msgs: &[&[u8]],
        dst: &'a [u8]
    ) -> Result<ProjectivePoint<Self>> { ... }
    fn encode_from_bytes<'a, X: ExpandMsg<'a>>(
        msgs: &[&[u8]],
        dst: &'a [u8]
    ) -> Result<ProjectivePoint<Self>> { ... }
    fn hash_to_scalar<'a, X: ExpandMsg<'a>>(
        msgs: &[&[u8]],
        dst: &'a [u8]
    ) -> Result<Self::Scalar>
    where
        Self::Scalar: FromOkm,
    { ... }
}

Available on crate feature hash2curve only.

Expand description

Adds hashing arbitrary byte sequences to a valid group element

Required Associated Types

source

type FieldElement: FromOkm + MapToCurve<Output = ProjectivePoint<Self>> + Default + Copy

The field element representation for a group value with multiple elements

Provided Methods

source

fn hash_from_bytes<'a, X: ExpandMsg<'a>>(
msgs: &[&[u8]],
dst: &'a [u8]
) -> Result<ProjectivePoint<Self>>

Computes the hash to curve routine.

From https://www.ietf.org/archive/id/draft-irtf-cfrg-hash-to-curve-13.html:

Uniform encoding from byte strings to points in G. That is, the distribution of its output is statistically close to uniform in G. This function is suitable for most applications requiring a random oracle returning points in G assuming a cryptographically secure hash function is used.

Examples

Using a fixed size hash function

let pt = ProjectivePoint::hash_from_bytes::<ExpandMsgXmd<sha2::Sha256>>(b"test data", b"CURVE_XMD:SHA-256_SSWU_RO_");

Using an extendable output function

let pt = ProjectivePoint::hash_from_bytes::<ExpandMsgXof<sha3::Shake256>>(b"test data", b"CURVE_XOF:SHAKE-256_SSWU_RO_");

Errors

See implementors of ExpandMsg for errors:

len_in_bytes = <Self::FieldElement as FromOkm>::Length * 2

source

fn encode_from_bytes<'a, X: ExpandMsg<'a>>(
msgs: &[&[u8]],
dst: &'a [u8]
) -> Result<ProjectivePoint<Self>>

Computes the encode to curve routine.

From https://www.ietf.org/archive/id/draft-irtf-cfrg-hash-to-curve-13.html:

Nonuniform encoding from byte strings to points in G. That is, the distribution of its output is not uniformly random in G: the set of possible outputs of encode_to_curve is only a fraction of the points in G, and some points in this set are more likely to be output than others.

Errors

See implementors of ExpandMsg for errors:

len_in_bytes = <Self::FieldElement as FromOkm>::Length

source

fn hash_to_scalar<'a, X: ExpandMsg<'a>>(
    msgs: &[&[u8]],
    dst: &'a [u8]
) -> Result<Self::Scalar> where
    Self::Scalar: FromOkm,

Computes the hash to field routine according to https://www.ietf.org/archive/id/draft-irtf-cfrg-hash-to-curve-13.html#section-5 and returns a scalar.

Errors

See implementors of ExpandMsg for errors:

len_in_bytes = <Self::Scalar as FromOkm>::Length

Trait elliptic_curve::hash2curve::GroupDigest

Required Associated Types

type FieldElement: FromOkm + MapToCurve<Output = ProjectivePoint<Self>> + Default + Copy

Provided Methods

fn hash_from_bytes<'a, X: ExpandMsg<'a>>( msgs: &[&[u8]], dst: &'a [u8]) -> Result<ProjectivePoint<Self>>

fn encode_from_bytes<'a, X: ExpandMsg<'a>>( msgs: &[&[u8]], dst: &'a [u8]) -> Result<ProjectivePoint<Self>>

fn hash_to_scalar<'a, X: ExpandMsg<'a>>( msgs: &[&[u8]], dst: &'a [u8]) -> Result<Self::Scalar> where Self::Scalar: FromOkm,

Implementors

fn hash_from_bytes<'a, X: ExpandMsg<'a>>(
msgs: &[&[u8]],
dst: &'a [u8]
) -> Result<ProjectivePoint<Self>>

fn encode_from_bytes<'a, X: ExpandMsg<'a>>(
msgs: &[&[u8]],
dst: &'a [u8]
) -> Result<ProjectivePoint<Self>>

fn hash_to_scalar<'a, X: ExpandMsg<'a>>(
msgs: &[&[u8]],
dst: &'a [u8]
) -> Result<Self::Scalar> where
Self::Scalar: FromOkm,