python-ecdsa icon indicating copy to clipboard operation
python-ecdsa copied to clipboard

Published 20 hours ago verified publisher icon tlsfuzzer

Use the complete formulas for point doubling and addition

Open tomato42 opened this issue 2 years ago • 1 comments

https://safecurves.cr.yp.to/ is outdated, there are complete point addition and doubling formulas: https://eprint.iacr.org/2015/1060 we should use them to protect against bugs in special case handling

tomato42 avatar Jun 01 '22 11:06 tomato42

I see that you use Jacobian coordinates.

You can also use conditional copies to select between add and doubles:

  • Derivation of efficient formulas:
    • write-up: https://github.com/mratsim/constantine/blob/495ef44/constantine/math/elliptic/ec_shortweierstrass_jacobian.md
    • impl: https://github.com/mratsim/constantine/blob/495ef449/constantine/math/elliptic/ec_shortweierstrass_jacobian.nim#L162-L334

And for projective coordinates complete formulas:

  • https://github.com/mratsim/constantine/blob/495ef44/constantine/math/elliptic/ec_shortweierstrass_projective.nim#L153-L406 (Note: Since I only configured secp256k1 and pairing-firnedly curve I only implemented the case where a==0 in the curve y² = x³+ax+b)

mratsim avatar Jan 29 '23 21:01 mratsim