curve1174 is a Go library implementing operations on Curve1174. It's Edwards curve with equation
x^2+y^2 = 1-1174x^2y^2
over finite field Fp, p=2^251-9. It was introduced by
Bernstein, Hamburg, Krasnova, and Lange in 2013
curve1174 is compatible with modern Go releases in module mode, with Go installed:
go get github.com/probakowski/curve1174will resolve and add the package to the current development module, along with its dependencies.
Alternatively the same can be achieved if you use import in a package:
import "github.com/probakowski/curve1174"and run go get without parameters.
Finally, to use the top-of-trunk version of this repo, use the following command:
go get github.com/probakowski/curve1174@masterEach point on curve is represented by curve1174.Point object. Base point is provided in curve1174.Base,
identity element of the curve (x=0, y=1) is curve1174.E.
API is similar to math/big package. The receiver denotes result and the method arguments are operation's operands.
For instance, given three *Point values a,b and c, the invocation
c.Add(a,b)computes the sum a + b and stores the result in c, overwriting whatever value was held in c before. Operations permit aliasing of parameters, so it is perfectly ok to write
sum.Add(sum, x)to accumulate values x in a sum.
(By always passing in a result value via the receiver, memory use can be much better controlled. Instead of having to allocate new memory for each result, an operation can reuse the space allocated for the result value, and overwrite that value with the new result in the process.)
Methods usually return the incoming receiver as well, to enable simple call chaining.
Operations on curve return point in extended coordinates. To get simple x/y value they have to be converted to affine
coordinates with (*Point).ToAffine method. This call is expensive so be sure to avoid it for
intermediate values if possible.
All operations (both in the underlying field and on the curve) are designed to be constant time (time doesn't depend on points/elements selected).
On amd64 there's specialized assembler code to speed up operations, you can disable it with tag curve1174_purego.
The code is generated in from gen/asm.go using avo.
Base point multiplication on the curve uses precomputed table that greatly speeds up computation in common cases (like
generating public key). It costs ~131kB of heap, you can disable it with tag curve1174_no_precompute. If you can spend
more heap you can use tag curve1174_precompute_big which is even faster but eats up 1MB of heap.
Finally, *Point and *FieldElement satisfy fmt package's Formatter interface for formatted printing.