Henry de Valence
f8efbfa69f
cln16sidh: prepare for code splitting
7 years ago
Henry de Valence
bbfe85d80c
cln16sidh: have SIDH functions give byte outputs
7 years ago
Henry de Valence
73f3fb400d
cln16sidh: move SecretPoint, DistortAndDifference to curve.go
7 years ago
Henry de Valence
82a40ce1e6
cln16sidh: update benchmarks
Use "shared secret" instead of "key agreement" to point out that there's no hashing, key derivation, etc. going on.
Measure the keypair generation (including random sampling) in the "fast" benchmarks.
7 years ago
Henry de Valence
91db102d7d
cln16sidh: add secret key generation
7 years ago
Henry de Valence
11976a638e
cln16sidh: add de/serialization for SIDH public keys
7 years ago
Henry de Valence
2a65c75cc5
cln16sidh: refactor SIDH kex from initial work
7 years ago
Henry de Valence
d19dd55622
cln16sidh: use public keys without curve parameters
A later revision of the CLN paper uses the Montgomery relation to recover the a
value from the three x-coordinates in the public key, saving its transmission.
This patch improves slightly over the description in the paper, by
projectivizing the computation of the first four-isogeny; this means that it's
not necessary to perform an inversion to get the affine a value.
7 years ago
Henry de Valence
a9139f499b
cln16sidh: add curve parameter recovery
7 years ago
Henry de Valence
284917f704
cln16sidh: rough work on SIDH key agreement
7 years ago
Henry de Valence
6fec539d88
cln16sidh: add benchmark for Alice's keygen
7 years ago
Henry de Valence
aba3ad58ba
cln16sidh: fix sign error in 4-isogeny computations
7 years ago
Henry de Valence
aca4333bba
cln16sidh: add benchmarks for Bob's keygen
7 years ago
Henry de Valence
60d47ce8a2
cln16sidh: implement Bob's key generation
7 years ago
Henry de Valence
7c4e3b1d53
cln16sidh: add 3-isogeny test via Sage
7 years ago
Henry de Valence
827c8a2605
cln16sidh: add test for FirstFourIsogeny
7 years ago
Henry de Valence
713624a43c
cln16sidh: add key generation for Alice (currently broken)
7 years ago
Henry de Valence
95f392eb67
cln16sidh: implement FirstFourIsogeny
7 years ago
Henry de Valence
3f6eaf7f16
cln16sidh: move isogeny computations to seperate file
7 years ago
Henry de Valence
f2c7421ce2
cln16sidh: implement secret point generation
7 years ago
Henry de Valence
de4cd5d7ff
cln16sidh: add negation operators
7 years ago
Henry de Valence
cb7a285ff7
cln16sidh: add fromAffine constructors for points
7 years ago
Henry de Valence
545238d4fc
cln16sidh: implement y-coordinate recovery
7 years ago
Henry de Valence
071d05068a
cln16sidh: test prime field scalar mult against torsion points
7 years ago
Henry de Valence
8ff5a111cd
cln16sidh: add E(F_p) functionality
7 years ago
Henry de Valence
2c10aa9d31
cln16sidh: rename ExtensionFieldElementConditionalSwap
7 years ago
Henry de Valence
32eed216a7
cln16sidh: rename jInvariant to JInvariant
7 years ago
Henry de Valence
70aac4706c
cln16sidh: add ladder benchmarks
7 years ago
Henry de Valence
d15c2238a1
cln16sidh: add LICENSE text
7 years ago
Henry de Valence
8045da3721
cln16sidh: better isogeny names
7 years ago
Henry de Valence
691d3ba3d2
cln16sidh: implement 4-isogenies, refactor 3-isogenies
7 years ago
Henry de Valence
cac3df5258
cln16sidh: add 3-isogeny functions
Currently these aren't tested; Sage gets unhappy working with isogenies of
large elliptic curves. (Also, the previous test vectors were generated just to
test curve arithmetic, so they're not in the correct isogeny class and should
be changed...)
7 years ago
Henry de Valence
e420fc012a
cln16sidh: add three-point ladder
7 years ago
Henry de Valence
48826b1b20
cln16sidh: fix Sage variables
7 years ago
Henry de Valence
9cbec30220
cln16sidh: add a CachedCurveParameters struct
7 years ago
Henry de Valence
5887a8113e
cln16sidh: fix whitespace in test vectors
7 years ago
Henry de Valence
309448e8cf
cln16sidh: add Montgomery ladder scalar multiplication
7 years ago
Henry de Valence
324f240daa
cln16sidh: add conditional swaps
7 years ago
Henry de Valence
15dbd8c7ee
cln16sidh: add Zero, One constructors to ExtensionFieldElement
7 years ago
Henry de Valence
18fd617020
cln16sidh: add 4-way batch inversion
7 years ago
Henry de Valence
f4c5eaf53c
cln16sidh: compute the j-invariant
7 years ago
Henry de Valence
c26f169fae
cln16sidh: add point addition benchmark
7 years ago
Henry de Valence
72e0bb78a7
cln16sidh: initial Montgomery curve functionality
This contains Montgomery (pseudo)addition, doubling, and tripling.
The formulas are slightly amended from the usual Montgomery arithmetic to allow
projective curve coefficients.
7 years ago
Henry de Valence
240f52d0f1
cln16sidh: add big.Int conversion for raw fp751Elements
7 years ago
Henry de Valence
c20610bf6b
cln16sidh: benchmark inversion and squaring
7 years ago
Henry de Valence
719c07b83b
cln16sidh: add conditional assignment code
7 years ago
Henry de Valence
50aa855b53
cln16sidh: clarify doc for P34
7 years ago
Henry de Valence
1ae37f11fd
cln16sidh: add uint64 constructor for PrimeFieldElements
7 years ago
Henry de Valence
11d48b0d4d
cln16sidh: make FieldElement more like Go's big.Int API
Having operators return pointers to the recievers makes it possible to chain
operations.
7 years ago
Henry de Valence
207046f6f8
cln16sidh: add note on multiplication counts for p34 chain
7 years ago