net.i2p.crypto.eddsa.math.ed25519

Class Ed25519ScalarOps

java.lang.Object

net.i2p.crypto.eddsa.math.ed25519.Ed25519ScalarOps

All Implemented Interfaces:

Serializable, ScalarOps

public class Ed25519ScalarOps
extends Object
implements ScalarOps

Class for reducing a huge integer modulo the group order q and doing a combined multiply plus add plus reduce operation.

q = 2^252 + 27742317777372353535851937790883648493.

Reviewed/commented by Bloody Rookie (nemproject@gmx.de)

See Also:

Serialized Form

Constructor Summary

Constructors

Constructor and Description
Ed25519ScalarOps()

Method Summary

Modifier and Type	Method and Description
byte[]	multiplyAndAdd(byte[] a, byte[] b, byte[] c) Input:
byte[]	reduce(byte[] s) Reduction modulo the group order q.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Ed25519ScalarOps

public Ed25519ScalarOps()

Method Detail

reduce

public byte[] reduce(byte[] s)

Reduction modulo the group order q.

Input: s[0]+256*s[1]+...+256^63*s[63] = s

Output: s[0]+256*s[1]+...+256^31*s[31] = s mod q where q = 2^252 + 27742317777372353535851937790883648493.

Specified by:

reduce in interface ScalarOps

Returns:

s mod l

multiplyAndAdd

public byte[] multiplyAndAdd(byte[] a,
                             byte[] b,
                             byte[] c)

Input:

• a[0]+256*a[1]+...+256^31*a[31] = a
• b[0]+256*b[1]+...+256^31*b[31] = b
• c[0]+256*c[1]+...+256^31*c[31] = c

Output: result[0]+256*result[1]+...+256^31*result[31] = (ab+c) mod q where q = 2^252 + 27742317777372353535851937790883648493.

See the comments in reduce(byte[]) for an explanation of the algorithm.

Specified by:

multiplyAndAdd in interface ScalarOps

Returns:

(a*b + c) mod l