From 0252f3a587053944c6687addd1d70fc51ff36847 Mon Sep 17 00:00:00 2001
From: Henry de Valence
Date: Mon, 8 Apr 2019 18:10:42 -0700
Subject: [PATCH 1/3] cargo init --lib
---
 .gitignore | 9 +++++++++
 Cargo.toml | 8 ++++++++
 src/lib.rs | 7 +++++++
 3 files changed, 24 insertions(+)
 create mode 100644 Cargo.toml
 create mode 100644 src/lib.rs
diff --git a/.gitignore b/.gitignore
index 088ba6b..ed7a6ee 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,3 +8,12 @@ Cargo.lock
 
 # These are backup files generated by rustfmt
 **/*.rs.bk
+
+
+#Added by cargo
+#
+#already existing elements are commented out
+
+/target
+#**/*.rs.bk
+#Cargo.lock
\ No newline at end of file
diff --git a/Cargo.toml b/Cargo.toml
new file mode 100644
index 0000000..af89507
--- /dev/null
+++ b/Cargo.toml
@@ -0,0 +1,8 @@
+[package]
+name = "doppio"
+version = "0.1.0"
+authors = ["Cathie Yun ", "Henry de Valence "]
+edition = "2018"
+
+
+[dependencies]
diff --git a/src/lib.rs b/src/lib.rs
new file mode 100644
index 0000000..31e1bb2
--- /dev/null
+++ b/src/lib.rs
@@ -0,0 +1,7 @@
+#[cfg(test)]
+mod tests {
+ #[test]
+ fn it_works() {
+ assert_eq!(2 + 2, 4);
+ }
+}
From 5fcc867d3c9b0aef862ff0ae72d14061301c1084 Mon Sep 17 00:00:00 2001
From: Henry de Valence
Date: Mon, 8 Apr 2019 18:54:37 -0700
Subject: [PATCH 2/3] Add a stub of the field element API.

This defines (but does not implement):
* conversion to and from the curve25519-dalek packed `Scalar` type;
* addition;
* subtraction;
* multiplication;
* zero & one constructors and Default;
* inversion;

The implementation in curve25519-dalek allows doing operations either in Montgomery form or not in Montgomery form; I think that for this use-case, it would be better to require that a `FieldElement` is *always* in Montgomery form, so that the multiplication is always Montgomery multiplication.

We can also probably save some time by allowing the representatives to lie in the range [0, 2*l) instead of [0, l) as in the original implementation (cf. "Montgomery Multiplication Needs No Final Subtractions").
---
 Cargo.toml | 1 +
 src/field.rs | 81 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 src/lib.rs | 2 ++
 3 files changed, 84 insertions(+)
 create mode 100644 src/field.rs
diff --git a/Cargo.toml b/Cargo.toml
index af89507..57ed35d 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -6,3 +6,4 @@ edition = "2018"
 
 
 [dependencies]
+curve25519-dalek = "1.1.3"
diff --git a/src/field.rs b/src/field.rs
new file mode 100644
index 0000000..c7f799f
--- /dev/null
+++ b/src/field.rs
@@ -0,0 +1,81 @@
+//! Field arithmetic for the doppio curve.
+//!
+//! Because doppio is intended for use in ristretto255-based proof
+//! systems, the scalar field of ristretto255 is the *ground field*
+//! for doppio.
+//!
+//! This implementation is derived from the 52-bit scalar
+//! implementation contributed to `curve25519-dalek` by Andrew Moon.
+
+use curve25519_dalek::scalar::Scalar;
+
+use std::default::Default;
+use std::ops::{Add, Mul, Sub};
+
+/// A field element modulo \\(2\^{252} +
+/// 27742317777372353535851937790883648493\\), the ground field for
+/// the doppio curve and the scalar field for the ristretto255 group.
+#[derive(Copy, Clone, Debug)]
+pub struct FieldElement([u64; 5]);
+
+impl Add for FieldElement {
+ type Output = FieldElement;
+ fn add(self, rhs: FieldElement) -> FieldElement {
+ unimplemented!();
+ }
+}
+
+impl Sub for FieldElement {
+ type Output = FieldElement;
+ fn sub(self, rhs: FieldElement) -> FieldElement {
+ unimplemented!();
+ }
+}
+
+impl Mul for FieldElement {
+ type Output = FieldElement;
+ fn mul(self, rhs: FieldElement) -> FieldElement {
+ unimplemented!();
+ }
+}
+
+impl Default for FieldElement {
+ fn default() -> FieldElement {
+ FieldElement::zero()
+ }
+}
+
+impl From for FieldElement {
+ fn from(packed: Scalar) -> FieldElement {
+ unimplemented!();
+ }
+}
+
+impl Into for FieldElement {
+ fn into(self) -> Scalar {
+ unimplemented!();
+ }
+}
+
+impl FieldElement {
+ pub fn zero() -> FieldElement {
+ FieldElement([0; 5])
+ }
+
+ pub fn one() -> FieldElement {
+ // This needs to return 1/R mod l
+ unimplemented!();
+ }
+
+ pub fn invert(&self) -> FieldElement {
+ unimplemented!();
+ }
+}
+
+#[cfg(test)]
+mod tests {
+ #[test]
+ fn it_works() {
+ assert_eq!(2 + 2, 4);
+ }
+}
diff --git a/src/lib.rs b/src/lib.rs
index 31e1bb2..2520691 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -1,3 +1,5 @@
+mod field;
+
 #[cfg(test)]
 mod tests {
 #[test]
From e1147e340ad2c0a0827040850fd3bdd45b77dafb Mon Sep 17 00:00:00 2001
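Review bot: The comment on `one()` in the `impl FieldElement` block, `// This needs to return 1/R mod l`, looks like it has the Montgomery constant inverted: if a `FieldElement` always holds x·R mod l (the convention the commit message mandates, and the one under which Montgomery multiplication (aR)(bR)/R = abR closes), the identity is R mod l, not R⁻¹ — and if the crate instead means x·R⁻¹, that should be stated, because a wrong constant here makes every product silently off by a factor of R² with no test in this hunk able to catch it. That invariant (always Montgomery form, representatives allowed to be unreduced in [0, 2l)) currently lives only in the commit message, so put it on the struct, e.g. `/// Invariant: always held in Montgomery form (x·R mod l); the limbs may hold an unreduced representative in [0, 2l), so equality checks and the conversion to `Scalar` must fully reduce first.` The hand-written `impl Into<Scalar> for FieldElement` should be `impl From<FieldElement> for Scalar` (the blanket impl then supplies `Into`), which also applies to the renamed `impl Into<Ristretto255Scalar>` in patch 3's `@@ -45,14 +45,14 @@` hunk. `use std::default::Default;` is redundant since `Default` is in the prelude.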
From: Henry de Valence
Date: Mon, 8 Apr 2019 19:03:19 -0700
Subject: [PATCH 3/3] Define a type alias for curve25519-dalek Scalars
---
 src/field.rs | 12 ++++++------
 src/lib.rs | 2 ++
 2 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/src/field.rs b/src/field.rs
index c7f799f..efc1d1b 100644
--- a/src/field.rs
+++ b/src/field.rs
@@ -7,11 +7,11 @@
 //! This implementation is derived from the 52-bit scalar
 //! implementation contributed to `curve25519-dalek` by Andrew Moon.
 
-use curve25519_dalek::scalar::Scalar;
-
 use std::default::Default;
 use std::ops::{Add, Mul, Sub};
 
+use crate::Ristretto255Scalar;
+
 /// A field element modulo \\(2\^{252} +
 /// 27742317777372353535851937790883648493\\), the ground field for
 /// the doppio curve and the scalar field for the ristretto255 group.
@@ -45,14 +45,14 @@ impl Default for FieldElement {
 }
 }
 
-impl From for FieldElement {
- fn from(packed: Scalar) -> FieldElement {
+impl From for FieldElement {
+ fn from(packed: Ristretto255Scalar) -> FieldElement {
 unimplemented!();
 }
 }
 
-impl Into for FieldElement {
- fn into(self) -> Scalar {
+impl Into for FieldElement {
+ fn into(self) -> Ristretto255Scalar {
 unimplemented!();
 }
 }
diff --git a/src/lib.rs b/src/lib.rs
index 2520691..937ea92 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -1,3 +1,5 @@
+pub type Ristretto255Scalar = curve25519_dalek::scalar::Scalar;
+
 mod field;
 
 #[cfg(test)]
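Review bot: `pub type Ristretto255Scalar = curve25519_dalek::scalar::Scalar;` in the lib.rs hunk makes a curve25519-dalek type part of doppio's public API, so the caret requirement `curve25519-dalek = "1.1.3"` added in patch 2 now also bounds doppio's own compatibility: downstream crates see whichever major version of that dependency doppio resolves, and a future major bump of it becomes a breaking change for them. That coupling is worth recording on the alias, e.g. `/// The ristretto255 scalar type, re-exported from curve25519-dalek; doppio's public API is tied to that crate's major version.` Note also that `mod field;` stays private, so `FieldElement` is not reachable from outside the crate while the alias is — presumably intended at this stub stage, but a doc comment saying so would avoid the question.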