curve1174 is a Go library implementing operations on Curve1174. It’s Edwards curve with equation
x^2+y^2 = 1-1174x^2y^2
over finite field
Fp, p=2^251-9. It was introduced by
Bernstein, Hamburg, Krasnova, and Lange in 2013
curve1174 is compatible with modern Go releases in module mode, with Go installed:
go get github.com/probakowski/curve1174
will resolve and add the package to the current development module, along with its dependencies.
Alternatively the same can be achieved if you use import in a package:
go get without parameters.
Finally, to use the top-of-trunk version of this repo, use the following command:
go get github.com/probakowski/[email protected]
Each point on curve is represented by
curve1174.Point object. Base point is provided in
identity element of the curve (
x=0, y=1) is
API is similar to
math/big package. The receiver denotes result and the method arguments are operation’s operands.
For instance, given three
*Point values a,b and c, the invocation
computes the sum a + b and stores the result in c, overwriting whatever value was held in c before.
Operations permit aliasing of parameters, so it is perfectly ok to write
to accumulate values x in a sum.
(By always passing in a result value via the receiver, memory use can be much better controlled. Instead of having to
allocate new memory for each result, an operation can reuse the space allocated for the result value, and overwrite
that value with the new result in the process.)
Methods usually return the incoming receiver as well, to enable simple call chaining.
Operations on curve return point in extended coordinates. To get simple x/y value they have to be converted to affine
(*Point).ToAffine method. This call is expensive so be sure to avoid it for
intermediate values if possible.
All operations (both in the underlying field and on the curve) are designed to be constant time
(time doesn’t depend on points/elements selected).
On amd64 there’s specialized assembler code to speed up operations, you can disable it with tag
The code is generated in from
gen/asm.go using avo.
Base point multiplication on the curve uses precomputed table that greatly speeds up computation in common cases (like
generating public key). It costs ~131kB of heap, you can disable it with tag
curve1174_no_precompute. If you can spend
more heap you can use tag
curve1174_precompute_big which is even faster but eats up 1MB of heap.
*FieldElement satisfy fmt package’s Formatter interface for formatted printing.