public class SupersingularSourceGroupImpl extends PairingSourceGroupImpl
Defined as follows: Let \(E := \{(x,y) \in \mathbb{F}_q \times \mathbb{F}_q \mid y^2 = x^3 - 3x\}\) (\(q\) prime and \(q \equiv 3 \pmod 4\)). Then this class represents E[getSize()], i.e. the subgroup of size getSize().
Inherited fields: cofactor, field, generator, size

| Constructor and Description |
|---|
| SupersingularSourceGroupImpl(java.math.BigInteger size, java.math.BigInteger cofactor, ExtensionField fieldOfDefinition): Instantiates the group. |
| SupersingularSourceGroupImpl(Representation r) |

| Modifier and Type | Method and Description |
|---|---|
| double | estimateCostInvPerOp(): Estimates the number of inversions that can be done per group operation for the same cost. |
| SupersingularSourceGroupElementImpl | getElement(FieldElement x, FieldElement y): Construct a point on this curve given the x- and y-coordinates. |
| SupersingularSourceGroupElementImpl | getGenerator(): Returns any generator of this group if the group is cyclic and it's feasible to compute a generator. |
| SupersingularSourceGroupElementImpl | getNeutralElement(): Returns the neutral element of this group. |
| SupersingularSourceGroupElementImpl | getUniformlyRandomElement(): Generates a uniformly random element of this group. |
| boolean | hasPrimeSize(): Returns true if the size of this structure is known and prime. |
| boolean | isShortForm() |
| protected SupersingularSourceGroupElementImpl | mapToPoint(ExtensionFieldElement z): A one-to-one mapping \(\mathbb{F}_q \rightarrow E(\mathbb{F}_q) \setminus \{O\}\). |

Inherited methods:
cofactorMultiplication, equals, getA1, getA2, getA3, getA4, getA6, getCofactor, getFieldOfDefinition, getRepresentation, getSize, getUniqueByteLength, hashCode, isMember, isOnCurve, restoreElement, setGenerator, size
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait
isCommutative
exp, getUniformlyRandomNonNeutral, implementsOwnExp, implementsOwnMultiExp, multiexp, restoreFromRepresentation

public SupersingularSourceGroupImpl(java.math.BigInteger size, java.math.BigInteger cofactor, ExtensionField fieldOfDefinition)
size - the desired size of the group
cofactor - the number c such that size * c = number of points on the Weierstrass curve over fieldOfDefinition
fieldOfDefinition - the field where x, y from the Weierstrass equation come from

public SupersingularSourceGroupImpl(Representation r)

public SupersingularSourceGroupElementImpl getNeutralElement()
Description copied from interface: GroupImpl
Returns the neutral element of this group.

public SupersingularSourceGroupElementImpl getElement(FieldElement x, FieldElement y)
Description copied from interface: WeierstrassCurve
Construct a point on this curve given the x- and y-coordinates.
getElement in interface WeierstrassCurve
getElement in class PairingSourceGroupImpl
x - the x-coordinate
y - the y-coordinate

protected SupersingularSourceGroupElementImpl mapToPoint(ExtensionFieldElement z)
A value \(z\) is mapped to the point \((z,y)\) for appropriate \(y\) if \(z(z^2+A)\) is a quadratic residue and to \((-z,-y)\) otherwise. Note that -1 is a quadratic non-residue for type 1 pairings. Hence \(z(z^2+A)\) is a quadratic residue iff \(-z(z^2+A)=(-z)((-z)^2+A)\) is a quadratic non-residue.
This mapping is bijective because if \(z(z^2+A)\) is a quadratic non-residue, then \(-z\) is mapped to \((-z,y)\).
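z - an element from this group's base field (corresponding to getFieldOfDefinition())

public SupersingularSourceGroupElementImpl getGenerator()
Description copied from interface: GroupImpl
Returns any generator of this group if the group is cyclic and it's feasible to compute a generator. Repeated calls may or may not always supply the same generator again (i.e. the output is not guaranteed to be random)!
getGenerator in interface GroupImpl
getGenerator in class PairingSourceGroupImpl

public boolean hasPrimeSize()
Description copied from interface: GroupImpl
Returns true if the size of this structure is known and prime.

public SupersingularSourceGroupElementImpl getUniformlyRandomElement() throws java.lang.UnsupportedOperationException
Description copied from interface: GroupImpl
Generates a uniformly random element of this group.
getUniformlyRandomElement in interface GroupImpl
getUniformlyRandomElement in class PairingSourceGroupImpl
java.lang.UnsupportedOperationException - if the random generation cannot be done

public boolean isShortForm()

public double estimateCostInvPerOp()
Description copied from interface: GroupImpl
Estimates the number of inversions that can be done per group operation for the same cost. 2 would mean that an inversion costs half as much as a group operation, on average.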
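
The mapToPoint rule described above, checked exhaustively over a toy field (an added example, not code from the library). It assumes a constructed prime q = 103, A = -3 as in the class definition, and takes the "appropriate y" to be the (q+1)/4-th power square root; the class name MapToPointDemo and its helper names are hypothetical.

```java
import java.math.BigInteger;
import java.util.HashSet;
import java.util.Set;

// Added illustration, not library code: the z -> point map over a toy field F_q.
public class MapToPointDemo {
    static final BigInteger Q = BigInteger.valueOf(103);  // constructed toy prime, 103 = 3 mod 4
    static final BigInteger A = BigInteger.valueOf(-3);   // curve y^2 = x^3 + A*x with A = -3
    static final BigInteger SQRT_EXP = Q.add(BigInteger.ONE).shiftRight(2); // (q+1)/4

    // f(x) = x(x^2 + A) mod q, the right-hand side of the curve equation
    static BigInteger rhs(BigInteger x) {
        return x.multiply(x.multiply(x).add(A)).mod(Q);
    }

    // Euler's criterion; 0 is treated as a square (assumption for the y = 0 points)
    static boolean isSquare(BigInteger v) {
        return v.signum() == 0
            || v.modPow(Q.subtract(BigInteger.ONE).shiftRight(1), Q).equals(BigInteger.ONE);
    }

    // z -> (z, y) if f(z) is a square, otherwise (-z, -y) with y^2 = f(-z)
    static BigInteger[] mapToPoint(BigInteger z) {
        BigInteger f = rhs(z);
        if (isSquare(f)) {
            return new BigInteger[] { z, f.modPow(SQRT_EXP, Q) };
        }
        BigInteger x = z.negate().mod(Q);           // f(-z) = -f(z) is a square since -1 is not
        BigInteger y = rhs(x).modPow(SQRT_EXP, Q);
        return new BigInteger[] { x, y.negate().mod(Q) };
    }

    static boolean isOnCurve(BigInteger[] p) {
        return p[1].multiply(p[1]).mod(Q).equals(rhs(p[0]));
    }

    public static void main(String[] args) {
        Set<String> images = new HashSet<>();
        for (long i = 0; i < Q.longValue(); i++) {
            BigInteger[] p = mapToPoint(BigInteger.valueOf(i));
            if (!isOnCurve(p)) throw new AssertionError("off curve for z = " + i);
            images.add(p[0] + "," + p[1]);
        }
        // q distinct affine points are all of E(F_q) without O, since #E(F_q) = q + 1
        System.out.println(images.size() == Q.intValue() ? "bijective" : "collision");
    }
}
```

The final count relies on the curve being supersingular for q = 3 mod 4, so that it has exactly q affine points over the base field.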