From 012e39ec2cde06d87611d4b5aede3b3b296cfedb Mon Sep 17 00:00:00 2001
From: Tony Arcieri
Date: Sat, 4 Dec 2021 09:57:25 -0700
Subject: [PATCH] elliptic-curve: add `LinearCombination` trait (#832)

Adds a trait for computing `x * k + y * l`. This allows curve implementations to provide optimized arithmetic when available (e.g. Shamir's Trick)
---
 elliptic-curve/src/ops.rs | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/elliptic-curve/src/ops.rs b/elliptic-curve/src/ops.rs
index 35581647f..b49e1b335 100644
--- a/elliptic-curve/src/ops.rs
+++ b/elliptic-curve/src/ops.rs
@@ -5,6 +5,9 @@ pub use core::ops::{Add, AddAssign, Mul, Neg, Sub, SubAssign};
 use crypto_bigint::{ArrayEncoding, ByteArray, Integer};
 use subtle::CtOption;
 
+#[cfg(feature = "arithmetic")]
+use crate::ProjectiveArithmetic;
+
 /// Perform an inversion on a field element (i.e. base field element or scalar)
 pub trait Invert {
 /// Field element type
@@ -23,6 +26,26 @@ impl Invert for F {
 }
 }
 
+/// Linear combination.
+///
+/// This trait enables crates to provide an optimized implementation of
+/// linear combinations (e.g. Shamir's Trick), or otherwise provides a default
+/// non-optimized implementation.
+// TODO(tarcieri): replace this with a trait from the `group` crate? (see zkcrypto/group#25)
+#[cfg(feature = "arithmetic")]
+#[cfg_attr(docsrs, doc(cfg(feature = "arithmetic")))]
+pub trait LinearCombination: ProjectiveArithmetic {
+ /// Calculates `x * k + y * l`.
+ fn lincomb(
+ x: &Self::ProjectivePoint,
+ k: &Self::Scalar,
+ y: &Self::ProjectivePoint,
+ l: &Self::Scalar,
+ ) -> Self::ProjectivePoint {
+ (*x * k) + (*y * l)
+ }
+}
+
 /// Modular reduction.
 pub trait Reduce: Sized {
 /// Perform a modular reduction, returning a field element.
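Review bot: The doc comment on `LinearCombination` in the second hunk does not state a timing contract for `lincomb` with respect to the scalars `k` and `l`. The default body `(*x * k) + (*y * l)` inherits whatever timing behaviour the curve's scalar multiplication has, but the trait explicitly invites optimized overrides such as Shamir's Trick, and those are often written as variable-time routines intended for public inputs. A caller who passes secret scalars cannot tell from the trait which behaviour an implementation provides. I would pin this down in the trait docs, for example `/// Implementations MUST be constant time with respect to both scalars.`, or, if variable-time overrides are meant to be allowed, `/// Scalars are treated as public; implementations may be variable-time.`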