Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(crypto): add xyzz coordinates #2008

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

feat(crypto): add xyzz coordinates #2008

wants to merge 1 commit into from

Conversation

mikdk
Copy link
Collaborator

@mikdk mikdk commented May 10, 2024

This PR adds XYZZ coordinates support for faster table-based scalar-multiplication:

  • Positive: Decreases the main elliptic curve operation used from 13M+2S to 8M+2S, where M is the field multiplications and S the number of squares.
  • Negative: Increases an elliptic curve point representation to four coordinates (x, y, zz, zzz) instead of standard two or three.

It is currently only applied to Pedersen, but should be applied to ECDSA during future revisions. From the decrease in field operation count, we should be able to get >30% off in theory. In practice, given the representation overhead, we get some ~10% off the table-based Pedersen-hash.

Additional notes:

  • We now let z=0 represent infinity in projective/xyzz coordinates (not affine), which is pretty standard and saves one word, concretely measured to 5-6% faster against the old projective-based Pedersen-hash during dev.
  • While this is faster, we should consider Jacobian for scalar-multiplication: More field operations than XYZZ, but less than Projective, while still only requiring three coordinates (x,y,z).

@mikdk mikdk requested a review from a team as a code owner May 10, 2024 13:30
@mikdk mikdk force-pushed the ec-xyzz-coords branch from 2961b6f to 0365f29 Compare May 10, 2024 13:30
@mikdk mikdk force-pushed the ec-xyzz-coords branch from 0365f29 to f7c31d9 Compare May 10, 2024 13:32
@mikdk mikdk marked this pull request as draft May 14, 2024 09:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant