Michael Hamburg
45eb0e14d3
change the misleading mul_by_cofactor functions to mul_by_ratio, and create ENCODE_RATIO and DECODE_ratio constants to represent this
7 years ago
Michael Hamburg
98bfcb0196
IsoE25519 is now better known as Ristretto
7 years ago
Michael Hamburg
4de924c786
Incorporate test vectors from Dalek
7 years ago
Michael Hamburg
2bcccebd8d
expose mul_by_cofactor_and_encode_like_x, but need to adjust clearing ratios
7 years ago
Michael Hamburg
1a38c25d9d
CFRG crypto back to working, just need to do elligator inversion for identity on x25519
7 years ago
Michael Hamburg
2d04fa7b43
working out sign bugs; then on to invert elligator ristretto
7 years ago
Michael Hamburg
5fc32bf1e9
elligator apparently(?) working for ed448
7 years ago
Michael Hamburg
733e67e80d
whoops, bad hex decoder
7 years ago
Michael Hamburg
c82e7ae7a7
add ristretto widget. elligator is correct, but inverse is not yet
7 years ago
Michael Hamburg
b295ef7669
rename decaf_sponge_* apis to decaf_sha3_*. Also reverse order on decaf_sponge_hash to make it the same as decaf_shake*_hash and decaf_sha3*_hash
7 years ago
Michael Hamburg
b29565fdfd
fix assertion on x25519/x448(0), thanks Olivier Cheron
7 years ago
Michael Hamburg
c6a1cd8db6
better test
7 years ago
Michael Hamburg
a4c02cc759
better test
7 years ago
Michael Hamburg
72484a054f
test to make sure bug is gone
7 years ago
Michael Hamburg
b423ac359c
working on decaffeinating ed25519
7 years ago
Michael Hamburg
aee921fc55
fix a bug in the test scripts, thanks Johan Pascal
7 years ago
Michael Hamburg
ec4ece08f0
add decaf_edXXX_convert_public_key_to_xXXX; thanks Johan Pascal
7 years ago
Michael Hamburg
bb1eef3712
tear out STROBE. Probably will re-introduce later
7 years ago
Michael Hamburg
4caefd358b
oops also in test_ct
7 years ago
Michael Hamburg
af606fb195
x448 generate_key -> derive_public_key to match ed448 nomenclature
7 years ago
Michael Hamburg
875d2b2251
ED25519_NO_CONTEXT -> DECAF_ED25519_NO_CONTEXT; DECAF_ED25519_NO_CONTEXT -> DECAF_EDDSA_25519_SUPPORTS_CONTEXTLESS_SIGS
8 years ago
Andrew Bennett
7ec87d8616
Use magic constant ED25519_NO_CONTEXT for non-contextual operations.
8 years ago
Andrew Bennett
ef6e74bdec
Update EdDSA operations to match draft 07 from CFRG.
8 years ago
Michael Hamburg
205d4e4aac
working on the README
8 years ago
Michael Hamburg
a32fd62512
mark more things as toy
8 years ago
Michael Hamburg
a01e875d4a
move strobe and crypto to TOY areas
8 years ago
Michael Hamburg
d1e2bbec15
fix Ed448-prehash and test against newly-corrected cfrg vectors
8 years ago
Andrew Bennett
c558c0ecdb
x86_64/i386 and illumos/solaris/SunOS compatibility fixes.
* SunOS linker doesn't support --gc-sections
* Add portable_endian.h with __sun version of htole64 and le64toh
* Replace portable endian code in shake.c with inclusion of portable_endian.h
* Replace portable endian code in word.h with inclusion of portable_endian.h
* Add explicit extern reference to word.h for posix_memalign when __sun defined
* Replace references to u_int*_t with uint*_t
* rdtsc call in shake.c was only working on 32-bit i386
* rdtsc call in bench_decaf.cxx was inaccurate on 64-bit x86_64 when clang absent
* Fix two signed/unsigned comparison errors in test_decaf.cxx
9 years ago
Michael Hamburg
e22c967171
change eddsa encoding names to show that they multiply_by_cofactor
9 years ago
Mike Hamburg
a673fbfc63
test_ct broke because of renaming; fix it
9 years ago
Michael Hamburg
c5a9b7757b
ed25519 prehashed test vector. ed448 prehashed test vectors look invalid??
9 years ago
Michael Hamburg
4adb584654
ed25519 prehashed test vector. ed448 prehashed test vectors look invalid??
9 years ago
Michael Hamburg
3b9ffc4cc7
separate Ed25519ph from Ed25519 with awful CRTP hack
9 years ago
Michael Hamburg
f1df5e4714
lowerCamelCase -> snake_case. Put decaf_ in front of all (most?) identifiers, except for SHAKE which is being removed before 1.0 release (for future refactoring)
9 years ago
Michael Hamburg
595855b434
move eddsa.hxx to its own header. sha512.hxx; rework shake.hxx header; create prehash object. TODO: test prehash
9 years ago
Michael Hamburg
798b189a77
minor changes; clear a few TODOs
9 years ago
Michael Hamburg
6225bfd2f4
EdDSA is go!
9 years ago
Michael Hamburg
1f716044ca
eddsa provisional pass
9 years ago
Michael Hamburg
d9a9bb96b5
eddsa-25519 now using sha512. But problem! We are using IsoEd25519 so we actually need an isogeny anyway to get to Ed25519 proper
9 years ago
Michael Hamburg
0fa687437f
sha512
9 years ago
Michael Hamburg
b06db0c78a
EdDSA now supports multiple hashes as defined in curve_data.py. We still don't have sha512 though.
9 years ago
Michael Hamburg
9d0bac672f
move context arguments to the end of hash functions. Ed25519 doesn't support contexts.
9 years ago
Michael Hamburg
b1c6de6309
EdDSA 448 seems to be working. Needs more testing, code moved around. EdDSA 255 not working yet; needs SHA512
9 years ago
Michael Hamburg
fffb77ac2d
eddsa sign seems to work for ed448. needs more testing of course
9 years ago
Michael Hamburg
d0e74a585a
eddsa key generation, at least for goldilocks. needs parameterized hash function; sign/verify; rename; put in right place
9 years ago
Michael Hamburg
650356c5f5
elligator overflow bits.
Before, invert_elligator would invert to a gf, which wouldn't be a uniformly
random string because, e.g., curve25519 gfs only have 255 bits out of 256.
Now add a random multiple of p. This still won't work for future curves
that have a field size of 1 mod 8, because those curves use elligator with
no high bit set, but it's a start
9 years ago
Michael Hamburg
050dcc186f
test/bench now uses run_for_all_curves<>
9 years ago
Michael Hamburg
c0310ba553
whoops, actually save the change that removes the todo comment
9 years ago
Michael Hamburg
c9abcef055
add some pathological test cases, clearing a few TODO items. Also scalar_set_unsigned now takes a uint64_t instead of a word_t
9 years ago
Michael Hamburg
37e0886300
simplify elligator, in a way that shouldn't change its output. I think it uses the opposite convention from the paper for sign(s) though.
9 years ago