Documentation
¶
Index ¶
- Variables
- func PairingCheck(a []*G1, b []*G2) bool
- type G1
- func (e *G1) Add(a, b *G1) *G1
- func (e *G1) CurvePoints() (*big.Int, *big.Int, *big.Int, *big.Int)
- func (e *G1) Marshal() []byte
- func (e *G1) Neg(a *G1) *G1
- func (e *G1) ScalarBaseMult(k *big.Int) *G1
- func (e *G1) ScalarMult(a *G1, k *big.Int) *G1
- func (e *G1) String() string
- func (e *G1) Unmarshal(m []byte) ([]byte, error)
- type G2
- type GT
- Bugs
Examples ¶
Constants ¶
This section is empty.
Variables ¶
var Order = bigFromBase10("21888242871839275222246405745257275088548364400416034343698204186575808495617")
Order is the number of elements in both G₁ and G₂: 36u⁴+36u³+18u²+6u+1.
var P = bigFromBase10("21888242871839275222246405745257275088696311157297823662689037894645226208583")
p is a prime over which we form a basic field: 36u⁴+36u³+24u²+6u+1.
Functions ¶
func PairingCheck ¶
PairingCheck calculates the Optimal Ate pairing for a set of points.
Types ¶
type G1 ¶
type G1 struct {
// contains filtered or unexported fields
}
BUG(agl): this implementation is not constant time. G1 is an abstract cyclic group. The zero value is suitable for use as the output of an operation, but cannot be used as an input.
func (*G1) Add ¶
Add sets e to a+b and then returns e. BUG(agl): this function is not complete: a==b fails.
func (*G1) CurvePoints ¶
CurvePoints returns p's curve points in big integer
func (*G1) ScalarBaseMult ¶
ScalarBaseMult sets e to g*k where g is the generator of the group and then returns e.
func (*G1) ScalarMult ¶
ScalarMult sets e to a*k and then returns e.
type G2 ¶
type G2 struct {
// contains filtered or unexported fields
}
G2 is an abstract cyclic group. The zero value is suitable for use as the output of an operation, but cannot be used as an input.
func (*G2) Add ¶
Add sets e to a+b and then returns e. BUG(agl): this function is not complete: a==b fails.
func (*G2) CurvePoints ¶
func (e *G2) CurvePoints() (*gfP2, *gfP2, *gfP2, *gfP2)
CurvePoints returns the curve points of p which includes the real and imaginary parts of the curve point.
func (*G2) ScalarBaseMult ¶
ScalarBaseMult sets e to g*k where g is the generator of the group and then returns out.
func (*G2) ScalarMult ¶
ScalarMult sets e to a*k and then returns e.
type GT ¶
type GT struct {
// contains filtered or unexported fields
}
GT is an abstract cyclic group. The zero value is suitable for use as the output of an operation, but cannot be used as an input.
func Pair ¶
Pair calculates an Optimal Ate pairing.
Example ¶
// This implements the tripartite Diffie-Hellman algorithm from "A One // Round Protocol for Tripartite Diffie-Hellman", A. Joux. // http://www.springerlink.com/content/cddc57yyva0hburb/fulltext.pdf // Each of three parties, a, b and c, generate a private value. a, _ := rand.Int(rand.Reader, Order) b, _ := rand.Int(rand.Reader, Order) c, _ := rand.Int(rand.Reader, Order) // Then each party calculates g₁ and g₂ times their private value. pa := new(G1).ScalarBaseMult(a) qa := new(G2).ScalarBaseMult(a) pb := new(G1).ScalarBaseMult(b) qb := new(G2).ScalarBaseMult(b) pc := new(G1).ScalarBaseMult(c) qc := new(G2).ScalarBaseMult(c) // Now each party exchanges its public values with the other two and // all parties can calculate the shared key. k1 := Pair(pb, qc) k1.ScalarMult(k1, a) k2 := Pair(pc, qa) k2.ScalarMult(k2, b) k3 := Pair(pa, qb) k3.ScalarMult(k3, c) // k1, k2 and k3 will all be equal.
Output:
func (*GT) ScalarMult ¶
ScalarMult sets e to a*k and then returns e.
Notes ¶
Bugs ¶
this implementation is not constant time. G1 is an abstract cyclic group. The zero value is suitable for use as the output of an operation, but cannot be used as an input.
this function is not complete: a==b fails.
this function is not complete: a==b fails.
Source Files