示例#1
        /**
         * Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
         * by an element <code>&#955;</code> of <code><b>Z</b>[&#964;]</code>
         * using the <code>&#964;</code>-adic NAF (TNAF) method.
         * @param p The F2mPoint to Multiply.
         * @param lambda The element <code>&#955;</code> of
         * <code><b>Z</b>[&#964;]</code>.
         * @return <code>&#955; * p</code>
         */
        public static F2MPoint MultiplyTnaf(F2MPoint p, ZTauElement lambda)
        {
            // The cast throws InvalidCastException when p does not sit on an F2MCurve.
            F2MCurve koblitz = (F2MCurve)p.Curve;

            // Expand lambda into its tau-adic NAF digits, using the curve's mu.
            sbyte[] tnafDigits = TauAdicNaf(koblitz.GetMu(), lambda);

            // NOTE(review): the digit array is derived from lambda, which callers may
            // compute from a secret scalar. Whether MultiplyFromTnaf runs in time that
            // is independent of those digits is not visible here - confirm before
            // relying on this path for private-key operations.
            return MultiplyFromTnaf(p, tnafDigits);
        }
示例#2
        /**
         * Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
         * by a <code>BigInteger</code> using the reduced <code>&#964;</code>-adic
         * NAF (RTNAF) method.
         * @param p The F2mPoint to Multiply.
         * @param k The <code>BigInteger</code> by which to Multiply <code>p</code>.
         * @return <code>k * p</code>
         */
        public static F2MPoint MultiplyRTnaf(F2MPoint p, IBigInteger k)
        {
            // Collect the curve parameters that the partial modular reduction consumes.
            F2MCurve koblitz = (F2MCurve)p.Curve;
            int fieldDegree = koblitz.M;

            // Narrowing conversion from int to sbyte.
            // NOTE(review): presumably the coefficient a is 0 or 1 on a Koblitz curve,
            // so no information is lost - confirm against the curve constructor.
            sbyte coeffA = (sbyte)koblitz.A.ToBigInteger().IntValue;
            sbyte mu = koblitz.GetMu();
            IBigInteger[] si = koblitz.GetSi();

            // Reduce k to an element of Z[tau].
            // NOTE(review): the trailing 10 is a fixed constant handed to
            // PartModReduction; its meaning is defined there, not in this method.
            ZTauElement reduced = PartModReduction(k, fieldDegree, coeffA, si, mu, (sbyte)10);

            // NOTE(review): k is often a secret scalar. Nothing in this method makes the
            // work independent of k; confirm the side-channel posture of
            // PartModReduction and MultiplyTnaf before using it with key material.
            return MultiplyTnaf(p, reduced);
        }
示例#3
        /**
         * Computes the auxiliary values <code>s<sub>0</sub></code> and
         * <code>s<sub>1</sub></code> used for partial modular reduction.
         * @param curve The elliptic curve for which to compute
         * <code>s<sub>0</sub></code> and <code>s<sub>1</sub></code>.
         * @throws ArgumentException if <code>curve</code> is not a
         * Koblitz curve (Anomalous Binary Curve, ABC).
         */
        public static IBigInteger[] GetSi(F2MCurve curve)
        {
            // Domain-parameter check: the values computed below are only defined
            // for Koblitz curves.
            if (!curve.IsKoblitz)
            {
                throw new ArgumentException("si is defined for Koblitz curves only");
            }

            int fieldDegree = curve.M;
            // IntValue keeps only what fits in an int.
            // NOTE(review): assumes a and h are small - confirm against the curve type.
            int coeffA = curve.A.ToBigInteger().IntValue;
            sbyte mu = curve.GetMu();
            int cofactor = curve.H.IntValue;

            // Lucas sequence terms at index m + 3 - a; the two entries feed the dividends.
            IBigInteger[] lucas = GetLucas(mu, fieldDegree + 3 - coeffA, false);

            IBigInteger numerator0;
            IBigInteger numerator1;

            // The sign of mu decides whether the Lucas terms are subtracted from or added to one.
            switch (mu)
            {
                case 1:
                    numerator0 = BigInteger.One.Subtract(lucas[1]);
                    numerator1 = BigInteger.One.Subtract(lucas[0]);
                    break;

                case -1:
                    numerator0 = BigInteger.One.Add(lucas[1]);
                    numerator1 = BigInteger.One.Add(lucas[0]);
                    break;

                default:
                    throw new ArgumentException("mu must be 1 or -1");
            }

            // Dividing by the cofactor is done as a right shift: 2 -> one bit, 4 -> two bits.
            // Any other cofactor is rejected.
            int shift;
            if (cofactor == 2)
            {
                shift = 1;
            }
            else if (cofactor == 4)
            {
                shift = 2;
            }
            else
            {
                throw new ArgumentException("h (Cofactor) must be 2 or 4");
            }

            // s0 keeps its sign, s1 is negated.
            return new IBigInteger[]
            {
                numerator0.ShiftRight(shift),
                numerator1.ShiftRight(shift).Negate()
            };
        }
        /**
         * Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
         * by <code>k</code> using the reduced <code>&#964;</code>-adic NAF (RTNAF)
         * method.
         * @param point The F2mPoint to multiply.
         * @param k The integer by which to multiply <code>point</code>.
         * @param preCompInfo Precomputation data passed through to MultiplyWTnaf.
         * @return <code>point</code> multiplied by <code>k</code>.
         */
        public ECPoint Multiply(ECPoint point, IBigInteger k, IPreCompInfo preCompInfo)
        {
            // Reject anything that is not an F2MPoint (including null) before touching the curve.
            F2MPoint p = point as F2MPoint;
            if (ReferenceEquals(p, null))
            {
                throw new ArgumentException("Only F2mPoint can be used in WTauNafMultiplier");
            }

            // Curve parameters needed by the partial modular reduction.
            F2MCurve koblitz = (F2MCurve)p.Curve;
            int fieldDegree = koblitz.M;
            // Narrowing conversion from int to sbyte.
            // NOTE(review): presumably a is 0 or 1 on a Koblitz curve - confirm.
            sbyte coeffA = (sbyte)koblitz.A.ToBigInteger().IntValue;
            sbyte mu = koblitz.GetMu();
            IBigInteger[] si = koblitz.GetSi();

            // Reduce k to an element of Z[tau].
            // NOTE(review): the trailing 10 is a fixed constant forwarded to
            // PartModReduction; its meaning is defined there, not here.
            ZTauElement reduced = Tnaf.PartModReduction(k, fieldDegree, coeffA, si, mu, (sbyte)10);

            // NOTE(review): preCompInfo is forwarded without any check that it was built
            // for this point; k is often a secret scalar and nothing visible here makes
            // the work independent of it. Confirm both properties in MultiplyWTnaf
            // before using this multiplier with key material.
            return MultiplyWTnaf(p, reduced, preCompInfo, coeffA, mu);
        }
        /**
        * Computes the auxiliary values <code>s<sub>0</sub></code> and
        * <code>s<sub>1</sub></code> used for partial modular reduction.
        * @param curve The elliptic curve for which to compute
        * <code>s<sub>0</sub></code> and <code>s<sub>1</sub></code>.
        * @throws ArgumentException if <code>curve</code> is not a
        * Koblitz curve (Anomalous Binary Curve, ABC).
        */
        public static IBigInteger[] GetSi(F2MCurve curve)
        {
            // s0 and s1 are only defined for Koblitz curves; refuse every other curve.
            if (curve.IsKoblitz == false)
            {
                throw new ArgumentException("si is defined for Koblitz curves only");
            }

            int degree = curve.M;
            // IntValue keeps only what fits in an int.
            // NOTE(review): assumes a and h are small - confirm against the curve type.
            int aCoeff = curve.A.ToBigInteger().IntValue;
            sbyte mu = curve.GetMu();
            int cofactor = curve.H.IntValue;

            // Two Lucas sequence terms taken at index m + 3 - a.
            IBigInteger[] lucasPair = GetLucas(mu, degree + 3 - aCoeff, false);

            // mu must be exactly 1 or -1; it selects subtraction or addition below.
            bool muIsOne = mu == 1;
            if (!muIsOne && mu != -1)
            {
                throw new ArgumentException("mu must be 1 or -1");
            }

            IBigInteger dividend0;
            IBigInteger dividend1;
            if (muIsOne)
            {
                dividend0 = BigInteger.One.Subtract(lucasPair[1]);
                dividend1 = BigInteger.One.Subtract(lucasPair[0]);
            }
            else
            {
                dividend0 = BigInteger.One.Add(lucasPair[1]);
                dividend1 = BigInteger.One.Add(lucasPair[0]);
            }

            // Only cofactors 2 and 4 are accepted; the division is a right shift by 1 or 2 bits.
            if (cofactor != 2 && cofactor != 4)
            {
                throw new ArgumentException("h (Cofactor) must be 2 or 4");
            }
            int shiftBits = (cofactor == 2) ? 1 : 2;

            // The second entry is negated after the shift.
            IBigInteger[] result = new IBigInteger[2];
            result[0] = dividend0.ShiftRight(shiftBits);
            result[1] = dividend1.ShiftRight(shiftBits).Negate();
            return result;
        }