GLV implementation for BLS12_377, BLS12_381 and BN254 (#158)

2026-01-10 16:01:32 +01:00 · 2023-09-11 15:29:38 -06:00
parent 8765798eb0
commit 72a18b6ecf
17 changed files with 377 additions and 15 deletions
--- a/bw6_761/src/curves/g1.rs
+++ b/bw6_761/src/curves/g1.rs
@@ -1,8 +1,9 @@
 use ark_ec::{
    models::{short_weierstrass::SWCurveConfig, CurveConfig},
+    scalar_mul::glv::GLVConfig,
    short_weierstrass::{Affine, Projective},
 };
-use ark_ff::{AdditiveGroup, MontFp};
+use ark_ff::{AdditiveGroup, BigInt, MontFp, PrimeField};

 use crate::{Fq, Fr};

@@ -49,6 +50,46 @@ impl SWCurveConfig for Config {
    }
 }

+impl GLVConfig for Config {
+    const ENDO_COEFFS: &'static [Self::BaseField] = &[MontFp!(
+        "4922464560225523242118178942575080391082002530232324381063048548642823052024664478336818169867474395270858391911405337707247735739826664939444490469542109391530482826728203582549674992333383150446779312029624171857054392282775648"
+    )];
+
+    const LAMBDA: Self::ScalarField =
+        MontFp!("258664426012969093929703085429980814127835149614277183275038967946009968870203535512256352201271898244626862047231");
+
+    const SCALAR_DECOMP_COEFFS: [(bool, <Self::ScalarField as PrimeField>::BigInt); 4] = [
+        (
+            true,
+            BigInt!("293634935485640680722085584138834120324914961969255022593"),
+        ),
+        (
+            false,
+            BigInt!("293634935485640680722085584138834120315328839056164388863"),
+        ),
+        (
+            true,
+            BigInt!("293634935485640680722085584138834120315328839056164388863"),
+        ),
+        (
+            true,
+            BigInt!("587269870971281361444171168277668240640243801025419411456"),
+        ),
+    ];
+
+    fn endomorphism(p: &Projective<Self>) -> Projective<Self> {
+        let mut res = (*p).clone();
+        res.x *= Self::ENDO_COEFFS[0];
+        res
+    }
+
+    fn endomorphism_affine(p: &Affine<Self>) -> Affine<Self> {
+        let mut res = (*p).clone();
+        res.x *= Self::ENDO_COEFFS[0];
+        res
+    }
+}
+
 /// G1_GENERATOR_X =
 /// 6238772257594679368032145693622812838779005809760824733138787810501188623461307351759238099287535516224314149266511977132140828635950940021790489507611754366317801811090811367945064510304504157188661901055903167026722666149426237
 pub const G1_GENERATOR_X: Fq = MontFp!("6238772257594679368032145693622812838779005809760824733138787810501188623461307351759238099287535516224314149266511977132140828635950940021790489507611754366317801811090811367945064510304504157188661901055903167026722666149426237");
--- a/bw6_761/src/curves/g2.rs
+++ b/bw6_761/src/curves/g2.rs
@@ -1,8 +1,9 @@
 use ark_ec::{
    models::{short_weierstrass::SWCurveConfig, CurveConfig},
+    scalar_mul::glv::GLVConfig,
    short_weierstrass::{Affine, Projective},
 };
-use ark_ff::{AdditiveGroup, MontFp};
+use ark_ff::{AdditiveGroup, BigInt, MontFp, PrimeField};

 use crate::{Fq, Fr};

@@ -50,6 +51,46 @@ impl SWCurveConfig for Config {
    }
 }

+impl GLVConfig for Config {
+    const ENDO_COEFFS: &'static [Self::BaseField] = &[
+        MontFp!("4922464560225523242118178942575080391082002530232324381063048548642823052024664478336818169867474395270858391911405337707247735739826664939444490469542109391530482826728203582549674992333383150446779312029624171857054392282775648"),
+    ];
+
+    const LAMBDA: Self::ScalarField =
+        MontFp!("80949648264912719408558363140637477264845294720710499478137287262712535938301461879813459410945");
+
+    const SCALAR_DECOMP_COEFFS: [(bool, <Self::ScalarField as PrimeField>::BigInt); 4] = [
+        (
+            true,
+            BigInt!("293634935485640680722085584138834120315328839056164388863"),
+        ),
+        (
+            false,
+            BigInt!("293634935485640680722085584138834120324914961969255022593"),
+        ),
+        (
+            true,
+            BigInt!("293634935485640680722085584138834120324914961969255022593"),
+        ),
+        (
+            true,
+            BigInt!("587269870971281361444171168277668240640243801025419411456"),
+        ),
+    ];
+
+    fn endomorphism(p: &Projective<Self>) -> Projective<Self> {
+        let mut res = (*p).clone();
+        res.x *= Self::ENDO_COEFFS[0];
+        res
+    }
+
+    fn endomorphism_affine(p: &Affine<Self>) -> Affine<Self> {
+        let mut res = (*p).clone();
+        res.x *= Self::ENDO_COEFFS[0];
+        res
+    }
+}
+
 /// G2_GENERATOR_X =
 ///  6445332910596979336035888152774071626898886139774101364933948236926875073754470830732273879639675437155036544153105017729592600560631678554299562762294743927912429096636156401171909259073181112518725201388196280039960074422214428
 pub const G2_GENERATOR_X: Fq = MontFp!("6445332910596979336035888152774071626898886139774101364933948236926875073754470830732273879639675437155036544153105017729592600560631678554299562762294743927912429096636156401171909259073181112518725201388196280039960074422214428");
--- a/bw6_761/src/curves/tests.rs
+++ b/bw6_761/src/curves/tests.rs
@@ -6,3 +6,5 @@ test_group!(g1; G1Projective; sw);
 test_group!(g2; G2Projective; sw);
 test_group!(pairing_output; ark_ec::pairing::PairingOutput<BW6_761>; msm);
 test_pairing!(pairing; crate::BW6_761);
+test_group!(g1_glv; G1Projective; glv);
+test_group!(g2_glv; G2Projective; glv);