Add support for "GLV Type B" endomorphism and configure the "koblitz" Fp

custom curves to use it as their default multiplier
author: Peter Dettman <peter.dettman@bouncycastle.org> 2014-03-12 15:30:32 +0400
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2014-03-12 15:30:32 +0400
commit: 93db9fd4529e160e32763fc64c9785b200d9e22d (patch)
tree: 0afa17c9bdd1e78031a6cd54fdc846faae7a1253 /core/src/main/java/org/bouncycastle
parent: 4f256c2f1bc119b208f9d35d847bf4c5b8072a5e (diff)
5 files changed, 180 insertions, 0 deletions
diff --git a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP192K1Curve.java b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP192K1Curve.java
index cd122b63..0292a642 100644
--- a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP192K1Curve.java
+++ b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP192K1Curve.java
@@ -5,7 +5,11 @@ import java.math.BigInteger;
 import org.bouncycastle.math.ec.ECConstants;
 import org.bouncycastle.math.ec.ECCurve;
 import org.bouncycastle.math.ec.ECFieldElement;
+import org.bouncycastle.math.ec.ECMultiplier;
 import org.bouncycastle.math.ec.ECPoint;
+import org.bouncycastle.math.ec.GLVMultiplier;
+import org.bouncycastle.math.ec.endo.GLVTypeBEndomorphism;
+import org.bouncycastle.math.ec.endo.GLVTypeBParameters;
 import org.bouncycastle.math.field.FiniteFields;
 import org.bouncycastle.util.encoders.Hex;
 
@@ -48,6 +52,23 @@ public class SecP192K1Curve extends ECCurve
         }
     }
 
+    protected ECMultiplier createDefaultMultiplier()
+    {
+        GLVTypeBParameters p = new GLVTypeBParameters(
+            fromBigInteger(new BigInteger("bb85691939b869c1d087f601554b96b80cb4f55b35f433c2", 16)),
+            new BigInteger("3d84f26c12238d7b4f3d516613c1759033b1a5800175d0b1", 16),
+            new BigInteger[]{
+                new BigInteger("71169be7330b3038edb025f1", 16),
+                new BigInteger("-b3fb3400dec5c4adceb8655c", 16) },
+            new BigInteger[]{
+                new BigInteger("12511cfe811d0f4e6bc688b4d", 16),
+                new BigInteger("71169be7330b3038edb025f1", 16) },
+            new BigInteger("1c45a6f9ccc2cc0e3b6c097c7", 16),
+            new BigInteger("2cfecd0037b1712b73ae19575", 16),
+            194);
+        return new GLVMultiplier(this, new GLVTypeBEndomorphism(p));
+    }
+
     public BigInteger getQ()
     {
         return q;
diff --git a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP224K1Curve.java b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP224K1Curve.java
index 44598908..03e3385e 100644
--- a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP224K1Curve.java
+++ b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP224K1Curve.java
@@ -5,7 +5,11 @@ import java.math.BigInteger;
 import org.bouncycastle.math.ec.ECConstants;
 import org.bouncycastle.math.ec.ECCurve;
 import org.bouncycastle.math.ec.ECFieldElement;
+import org.bouncycastle.math.ec.ECMultiplier;
 import org.bouncycastle.math.ec.ECPoint;
+import org.bouncycastle.math.ec.GLVMultiplier;
+import org.bouncycastle.math.ec.endo.GLVTypeBEndomorphism;
+import org.bouncycastle.math.ec.endo.GLVTypeBParameters;
 import org.bouncycastle.math.field.FiniteFields;
 import org.bouncycastle.util.encoders.Hex;
 
@@ -47,6 +51,23 @@ public class SecP224K1Curve extends ECCurve
         }
     }
 
+    protected ECMultiplier createDefaultMultiplier()
+    {
+        GLVTypeBParameters p = new GLVTypeBParameters(
+            fromBigInteger(new BigInteger("fe0e87005b4e83761908c5131d552a850b3f58b749c37cf5b84d6768", 16)),
+            new BigInteger("60dcd2104c4cbc0be6eeefc2bdd610739ec34e317f9b33046c9e4788", 16),
+            new BigInteger[]{
+                new BigInteger("6b8cf07d4ca75c88957d9d670591", 16),
+                new BigInteger("-b8adf1378a6eb73409fa6c9c637d", 16) },
+            new BigInteger[]{
+                new BigInteger("1243ae1b4d71613bc9f780a03690e", 16),
+                new BigInteger("6b8cf07d4ca75c88957d9d670591", 16) },
+            new BigInteger("35c6783ea653ae444abeceb382c82", 16),
+            new BigInteger("5c56f89bc5375b9a04fd364e31bdd", 16),
+            227);
+        return new GLVMultiplier(this, new GLVTypeBEndomorphism(p));
+    }
+
     public BigInteger getQ()
     {
         return q;
diff --git a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256K1Curve.java b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256K1Curve.java
index 2bd04a1f..6b9937c2 100644
--- a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256K1Curve.java
+++ b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256K1Curve.java
@@ -5,7 +5,11 @@ import java.math.BigInteger;
 import org.bouncycastle.math.ec.ECConstants;
 import org.bouncycastle.math.ec.ECCurve;
 import org.bouncycastle.math.ec.ECFieldElement;
+import org.bouncycastle.math.ec.ECMultiplier;
 import org.bouncycastle.math.ec.ECPoint;
+import org.bouncycastle.math.ec.GLVMultiplier;
+import org.bouncycastle.math.ec.endo.GLVTypeBEndomorphism;
+import org.bouncycastle.math.ec.endo.GLVTypeBParameters;
 import org.bouncycastle.math.field.FiniteFields;
 import org.bouncycastle.util.encoders.Hex;
 
@@ -47,6 +51,23 @@ public class SecP256K1Curve extends ECCurve
         }
     }
 
+    protected ECMultiplier createDefaultMultiplier()
+    {
+        GLVTypeBParameters p = new GLVTypeBParameters(
+            fromBigInteger(new BigInteger("7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee", 16)),
+            new BigInteger("5363ad4cc05c30e0a5261c028812645a122e22ea20816678df02967c1b23bd72", 16),
+            new BigInteger[]{
+                new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16),
+                new BigInteger("-e4437ed6010e88286f547fa90abfe4c3", 16) },
+            new BigInteger[]{
+                new BigInteger("114ca50f7a8e2f3f657c1108d9d44cfd8", 16),
+                new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16) },
+            new BigInteger("c21b48869f51af37a1b243924a13ac55", 16),
+            new BigInteger("3910dfb58043a20a1bd51fea42aff9311", 16),
+            258);
+        return new GLVMultiplier(this, new GLVTypeBEndomorphism(p));
+    }
+
     public BigInteger getQ()
     {
         return q;
diff --git a/core/src/main/java/org/bouncycastle/math/ec/endo/GLVTypeBEndomorphism.java b/core/src/main/java/org/bouncycastle/math/ec/endo/GLVTypeBEndomorphism.java
new file mode 100644
index 00000000..45b21722
--- /dev/null
+++ b/core/src/main/java/org/bouncycastle/math/ec/endo/GLVTypeBEndomorphism.java
@@ -0,0 +1,56 @@
+package org.bouncycastle.math.ec.endo;
+
+import java.math.BigInteger;
+
+import org.bouncycastle.math.ec.ECConstants;
+import org.bouncycastle.math.ec.ECPointMap;
+import org.bouncycastle.math.ec.GLVEndomorphism;
+import org.bouncycastle.math.ec.ScaleXPointMap;
+
+public class GLVTypeBEndomorphism implements GLVEndomorphism
+{
+    private final GLVTypeBParameters parameters;
+    private final ECPointMap pointMap;
+
+    public GLVTypeBEndomorphism(GLVTypeBParameters parameters)
+    {
+        this.parameters = parameters;
+        this.pointMap = new ScaleXPointMap(parameters.getBeta());
+    }
+
+    public BigInteger[] decomposeScalar(BigInteger k)
+    {
+        int bits = parameters.getBits();
+        BigInteger b1 = calculateB(k, parameters.getG1(), bits);
+        BigInteger b2 = calculateB(k, parameters.getG2(), bits);
+
+        BigInteger[] v1 = parameters.getV1(), v2 = parameters.getV2();
+        BigInteger a = k.subtract((b1.multiply(v1[0])).add(b2.multiply(v2[0])));
+        BigInteger b = (b1.multiply(v1[1])).add(b2.multiply(v2[1])).negate();
+
+        return new BigInteger[]{ a, b };
+    }
+
+    public ECPointMap getPointMap()
+    {
+        return pointMap;
+    }
+
+    public boolean hasEfficientPointMap()
+    {
+        return true;
+    }
+
+    protected BigInteger calculateB(BigInteger k, BigInteger g, int t)
+    {
+        boolean negative = (g.signum() < 0);
+        BigInteger b = k.multiply(g.abs());
+        boolean extra = b.testBit(t - 1);
+        b = b.shiftRight(t);
+        if (extra)
+        {
+            b = b.add(ECConstants.ONE);
+        }
+        return negative ? b.negate() : b;
+    }
+}
diff --git a/core/src/main/java/org/bouncycastle/math/ec/endo/GLVTypeBParameters.java b/core/src/main/java/org/bouncycastle/math/ec/endo/GLVTypeBParameters.java
new file mode 100644
index 00000000..ee2946fc
--- /dev/null
+++ b/core/src/main/java/org/bouncycastle/math/ec/endo/GLVTypeBParameters.java
@@ -0,0 +1,61 @@
+package org.bouncycastle.math.ec.endo;
+
+import java.math.BigInteger;
+
+import org.bouncycastle.math.ec.ECFieldElement;
+
+public class GLVTypeBParameters
+{
+    protected final ECFieldElement beta;
+    protected final BigInteger lambda;
+    protected final BigInteger[] v1, v2;
+    protected final BigInteger g1, g2;
+    protected final int bits;
+
+    public GLVTypeBParameters(ECFieldElement beta, BigInteger lambda, BigInteger[] v1, BigInteger[] v2, BigInteger g1,
+        BigInteger g2, int bits)
+    {
+        this.beta = beta;
+        this.lambda = lambda;
+        this.v1 = v1;
+        this.v2 = v2;
+        this.g1 = g1;
+        this.g2 = g2;
+        this.bits = bits;
+    }
+
+    public ECFieldElement getBeta()
+    {
+        return beta;
+    }
+
+    public BigInteger getLambda()
+    {
+        return lambda;
+    }
+
+    public BigInteger[] getV1()
+    {
+        return v1;
+    }
+
+    public BigInteger[] getV2()
+    {
+        return v2;
+    }
+
+    public BigInteger getG1()
+    {
+        return g1;
+    }
+
+    public BigInteger getG2()
+    {
+        return g2;
+    }
+    
+    public int getBits()
+    {
+        return bits;
+    }
+}
author	Peter Dettman <peter.dettman@bouncycastle.org>	2014-03-12 15:30:32 +0400
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2014-03-12 15:30:32 +0400
commit	93db9fd4529e160e32763fc64c9785b200d9e22d (patch)
tree	0afa17c9bdd1e78031a6cd54fdc846faae7a1253 /core/src/main/java/org/bouncycastle
parent	4f256c2f1bc119b208f9d35d847bf4c5b8072a5e (diff)