public Fp6 Mul(Fp6 o) { Fp2 a1 = a, b1 = b, c1 = c; Fp2 a2 = o.a, b2 = o.b, c2 = o.c; Fp2 a1a2 = a1.Mul(a2); Fp2 b1b2 = b1.Mul(b2); Fp2 c1c2 = c1.Mul(c2); Fp2 ra = a1a2.Add(b1.Add(c1).Mul(b2.Add(c2)).Sub(b1b2).Sub(c1c2).MulByNonResidue()); Fp2 rb = a1.Add(b1).Mul(a2.Add(b2)).Sub(a1a2).Sub(b1b2).Add(c1c2.MulByNonResidue()); Fp2 rc = a1.Add(c1).Mul(a2.Add(c2)).Sub(a1a2).Add(b1b2).Sub(c1c2); return(new Fp6(ra, rb, rc)); }
public Fp6 Squared() { Fp2 s0 = a.Squared(); Fp2 ab = a.Mul(b); Fp2 s1 = ab.Dbl(); Fp2 s2 = a.Sub(b).Add(c).Squared(); Fp2 bc = b.Mul(c); Fp2 s3 = bc.Dbl(); Fp2 s4 = c.Squared(); Fp2 ra = s0.Add(s3.MulByNonResidue()); Fp2 rb = s1.Add(s4.MulByNonResidue()); Fp2 rc = s1.Add(s2).Add(s3).Sub(s0).Sub(s4); return(new Fp6(ra, rb, rc)); }
public Fp6 Inverse() { /* From "High-Speed Software Implementation of the Optimal Ate Pairing over Barreto-Naehrig Curves"; Algorithm 17 */ Fp2 t0 = a.Squared(); Fp2 t1 = b.Squared(); Fp2 t2 = c.Squared(); Fp2 t3 = a.Mul(b); Fp2 t4 = a.Mul(c); Fp2 t5 = b.Mul(c); Fp2 c0 = t0.Sub(t5.MulByNonResidue()); Fp2 c1 = t2.MulByNonResidue().Sub(t3); Fp2 c2 = t1.Sub(t4); // typo in paper referenced above. should be "-" as per Scott, but is "*" Fp2 t6 = a.Mul(c0).Add((c.Mul(c1).Add(b.Mul(c2))).MulByNonResidue()).Inverse(); Fp2 ra = t6.Mul(c0); Fp2 rb = t6.Mul(c1); Fp2 rc = t6.Mul(c2); return(new Fp6(ra, rb, rc)); }