better gr

2026-01-09 13:37:57 -05:00 · 2021-11-24 21:31:53 +01:00
parent 187ca3e3e6
commit 38d150cef8
4 changed files with 69 additions and 33 deletions
--- a/src/pbh/g2.rs
+++ b/src/pbh/g2.rs
@@ -116,8 +116,5 @@ mod tests {

        // check point multiplication
        assert_eq!(g * f101(6), g + g + g + g + g + g);
-
-        // check G2 multiplication
-        assert_eq!(g2f(26, 97) * g2f(93, 76), g2f(97, 89));
    }
 }
--- a/src/pbh/gt.rs
+++ b/src/pbh/gt.rs
@@ -1,11 +1,34 @@
 #![allow(dead_code)]

+use super::{f101, F101};
+use crate::ec::{Field, GTPoint};
+use std::fmt::Display;
 use std::ops::Mul;
+use std::ops::Neg;

-use super::{f101, g2::G2P, F101};
-use crate::ec::{Field, G2Point, GTPoint};
+#[derive(Debug, Copy, Clone, PartialEq)]
+pub struct GTP {
+    a: F101,
+    b: F101,
+}

-impl GTPoint for G2P {
+impl Display for GTP {
+    fn fmt(&self, f: &mut std::fmt::Formatter) -> std::fmt::Result {
+        write!(f, "{}+{}u", self.a, self.b)
+    }
+}
+
+impl Neg for GTP {
+    type Output = GTP;
+    fn neg(self) -> Self::Output {
+        GTP {
+            a: self.a,
+            b: -self.b,
+        }
+    }
+}
+
+impl GTPoint for GTP {
    type S = u64;
    fn pow(&self, mut n: Self::S) -> Self {
        // frobenious map reduction: p^101 = -p
@@ -14,7 +37,13 @@ impl GTPoint for G2P {
            n %= 101;
            (base, *self)
        } else {
-            (G2P::new(F101::one(), F101::zero()), *self)
+            (
+                GTP {
+                    a: F101::one(),
+                    b: F101::zero(),
+                },
+                *self,
+            )
        };

        // montgomery reduction
@@ -29,28 +58,41 @@ impl GTPoint for G2P {
        p
    }
 }
-impl Mul<G2P> for G2P {
-    type Output = G2P;
-    fn mul(self, rhs: G2P) -> Self::Output {
-        G2P::new(
-            self.a * rhs.a - f101(2) * self.b * rhs.b,
-            self.a * rhs.b + self.b * rhs.a,
-        )
+impl Mul<GTP> for GTP {
+    type Output = GTP;
+    fn mul(self, rhs: GTP) -> Self::Output {
+        GTP {
+            a: self.a * rhs.a - f101(2) * self.b * rhs.b,
+            b: self.a * rhs.b + self.b * rhs.a,
+        }
+    }
+}
+
+impl GTP {
+    pub fn new(a: F101, b: F101) -> Self {
+        Self { a, b }
    }
 }

 #[cfg(test)]
 mod tests {
-    use super::{super::g2::g2f, *};
+    use super::*;
+    fn gtf(a: u64, b: u64) -> GTP {
+        GTP {
+            a: f101(a),
+            b: f101(b),
+        }
+    }
+
    #[test]
    fn test_gt_vectors() {
        // check GT multiplication
-        assert_eq!(g2f(26, 97) * g2f(93, 76), g2f(97, 89));
+        assert_eq!(gtf(26, 97) * gtf(93, 76), gtf(97, 89));

        // check GT exp
-        assert_eq!(g2f(42, 49).pow(6), g2f(97, 89));
-        assert_eq!(g2f(93, 76).pow(101), -g2f(93, 76));
-        assert_eq!(g2f(93, 76).pow(102), (-g2f(93, 76)) * g2f(93, 76));
-        assert_eq!(g2f(68, 47).pow(600), g2f(97, 89));
+        assert_eq!(gtf(42, 49).pow(6), gtf(97, 89));
+        assert_eq!(gtf(93, 76).pow(101), -gtf(93, 76));
+        assert_eq!(gtf(93, 76).pow(102), (-gtf(93, 76)) * gtf(93, 76));
+        assert_eq!(gtf(68, 47).pow(600), gtf(97, 89));
    }
 }
--- a/src/pbh/mod.rs
+++ b/src/pbh/mod.rs
@@ -20,7 +20,7 @@ pub struct PlonkByHandTypes {}
 impl PlonkTypes for PlonkByHandTypes {
    type G1 = g1::G1P;
    type G2 = g2::G2P;
-    type GT = g2::G2P;
+    type GT = gt::GTP;
    type E = pairing::PBHPairing;
    type GF = F101;
    type SF = F17;
--- a/src/pbh/pairing.rs
+++ b/src/pbh/pairing.rs
@@ -1,17 +1,13 @@
 #![allow(clippy::many_single_char_names)]

-use super::{
-    f101,
-    g1::G1P,
-    g2::{g2f, G2P},
-};
+use super::{f101, g1::G1P, g2::G2P, gt::GTP};
 use crate::ec::{Field, G1Point, G2Point, GTPoint, Pairing};

 pub struct PBHPairing {}
 impl Pairing for PBHPairing {
    type G1 = G1P;
    type G2 = G2P;
-    type GT = G2P;
+    type GT = GTP;

    fn pairing(g1: Self::G1, g2: Self::G2) -> Self::GT {
        let p = <G1P as G1Point>::F::order();
@@ -24,7 +20,7 @@ impl Pairing for PBHPairing {
    }
 }

-fn pairing_f(r: u64, p: G1P, q: G2P) -> G2P {
+fn pairing_f(r: u64, p: G1P, q: G2P) -> GTP {
    // line equation from a to b point
    let l = |a: G1P, b: G1P| {
        let m = b.x - a.x;
@@ -38,15 +34,15 @@ fn pairing_f(r: u64, p: G1P, q: G2P) -> G2P {
    };

    if r == 1 {
-        g2f(1, 0)
+        GTP::new(f101(1), f101(0))
    } else if r % 2 == 1 {
        let r = r - 1;
        let (x, y, c) = l(p * f101(r), p);
-        pairing_f(r, p, q) * G2P::new(q.a * x + c, q.b * y)
+        pairing_f(r, p, q) * GTP::new(q.a * x + c, q.b * y)
    } else {
        let r = r / 2;
        let (x, y, c) = l(p * f101(r), -p * f101(r) * f101(2));
-        pairing_f(r, p, q).pow(2) * G2P::new(q.a * x + c, q.b * y)
+        pairing_f(r, p, q).pow(2) * GTP::new(q.a * x + c, q.b * y)
    }
 }

@@ -59,6 +55,7 @@ mod tests {
    #[test]
    fn test_parings() {
        let p = G1P::generator().mul(f101(1));
+        let r = G1P::generator().mul(f101(4));
        let q = G2P::generator().mul(f101(3));
        let a = f101(5);

@@ -72,8 +69,8 @@ mod tests {

        assert_eq!(ê(p * a, q), ê(p, q).pow(a.as_u64()));

-        // ê(aP,Q) = ê((a-1)p,Q) * ê(P,Q)
+        // ê(P+R,Q) = ê(P,Q) * ê(R,Q)

-        assert_eq!(ê(p * a, q), ê(p * (a - f101(1)), q) * ê(p, q));
+        assert_eq!(ê(p + r, q), ê(p, q) * ê(r, q));
    }
 }