java - 点在椭圆曲线上的标量乘法-6ren

java - 点在椭圆曲线上的标量乘法

转载作者：搜寻专家更新时间：2023-11-01 03:08:04

我正在对 NIST 指定的曲线“p192”执行椭圆曲线点算术运算。出于测试目的，我采用了 NIST Routine document for the curve p192 中所示的示例点.我得到加点和加倍点的正确答案，但对于标量乘法，我的答案不正确。由于这个原因，我无法达到是否

$ k^{-1}(kP) = P $

在哪里

$ k^{-1}.k = 1 mod p $

请帮助我了解我在哪里犯了错误。

package a;
import java.math.BigInteger;
import java.security.spec.ECPoint;
public class ScalarMultiply {
private static final BigInteger ONE = new BigInteger("1");;
static BigInteger TWO = new BigInteger("2");
    static BigInteger p = new BigInteger("6277101735386680763835789423207666416083908700390324961279");


public static ECPoint scalmult(ECPoint P, BigInteger k){
    ECPoint R =P,S = P;
    int length = k.bitLength();
    //System.out.println("length is" + length);
    byte[] binarray = new byte[length];
    for(int i=0;i<=length-1;i++){
        binarray[i] = k.mod(TWO).byteValue();
        k = k.divide(TWO);

    }
    for(int i=0;i<=length-1;i++){
        System.out.print("" + binarray[i]); 
    }

    for(int i = length - 2;i > 0;i--){
        R = doublePoint(R);
        if(binarray[i]== 1) 
            R = addPoint(R, S);
    }
return R;
}

public static ECPoint addPoint(ECPoint r, ECPoint s) {

    BigInteger slope = (r.getAffineY().subtract(s.getAffineY())).multiply(r.getAffineX().subtract(s.getAffineX()).modInverse(p)).mod(p);
    BigInteger Xout = (slope.modPow(TWO, p).subtract(r.getAffineX())).subtract(s.getAffineX()).mod(p);
    BigInteger Yout = r.getAffineY().negate().mod(p);
    Yout = Yout.add(slope.multiply(r.getAffineX().subtract(Xout))).mod(p);
    ECPoint out = new ECPoint(Xout, Yout);
    return out;
}

public static ECPoint doublePoint(ECPoint r) {
    // TODO Auto-generated method stub
    BigInteger slope = (r.getAffineX().pow(2)).multiply(new BigInteger("3"));
    slope = slope.add(new BigInteger("3"));
    slope = slope.multiply((r.getAffineY().multiply(TWO)).modInverse(p));
    BigInteger Xout = slope.pow(2).subtract(r.getAffineX().multiply(new BigInteger("2"))).mod(p);
    BigInteger Yout = (r.getAffineY().negate()).add(slope.multiply(r.getAffineX().subtract(Xout))).mod(p);
    ECPoint out = new ECPoint(Xout, Yout);
    return out;
}
}

主类是

    package a;
    import java.math.BigInteger;
    import java.security.spec.ECPoint;

    public class EccArithmetic {

    /**
     * @param args
     */
    public static void main(String[] args) {

             BigInteger xs = new BigInteger("d458e7d127ae671b0c330266d246769353a012073e97acf8", 16);
             BigInteger ys = new BigInteger
("325930500d851f336bddc050cf7fb11b5673a1645086df3b", 16);
             BigInteger xt = new BigInteger

("f22c4395213e9ebe67ddecdd87fdbd01be16fb059b9753a4", 16);
             BigInteger yt = new BigInteger

("264424096af2b3597796db48f8dfb41fa9cecc97691a9c79", 16);
             ECPoint S = new ECPoint(xs,ys);
             ECPoint T = new ECPoint(xt,yt);
             // Verifying addition 

             ECPoint Rst = ScalarMultiply.addPoint(S, T);
             BigInteger xst = new BigInteger

("48e1e4096b9b8e5ca9d0f1f077b8abf58e843894de4d0290", 16);   // Specified value of x of point R for addition  in NIST Routine example
             System.out.println("\nx-coordinate of point Rst is : " + Rst.getAffineX()); 
             System.out.println("\ny-coordinate of point Rst is : " + Rst.getAffineY());
             if(Rst.getAffineX().equals(xst))
                 System.out.println("Adding is correct");

//Verifying Doubling
BigInteger xr = new BigInteger

("30c5bc6b8c7da25354b373dc14dd8a0eba42d25a3f6e6962", 16);  // Specified value of x of point R for doubling  in NIST Routine example
             BigInteger yr = new BigInteger

("0dde14bc4249a721c407aedbf011e2ddbbcb2968c9d889cf", 16);
             ECPoint R2s = new ECPoint(xr, yr);  // Specified value of y of point R for doubling  in NIST Routine example
             System.out.println("\nx-coordinate of point R2s is : " + R2s.getAffineX()); 
             System.out.println("\ny-coordinate of point R2s is : " + R2s.getAffineY());
             System.out.println("\nx-coordinate of calculated point is : " + 

ScalarMultiply.doublePoint(S).getAffineX()); 
             System.out.println("\ny-coordinate of calculated point is : " + 

ScalarMultiply.doublePoint(S).getAffineY());
             if(R2s.getAffineX().equals(ScalarMultiply.doublePoint(S).getAffineX()))
                 System.out.println("Doubling is correct");

             xr = new BigInteger("1faee4205a4f669d2d0a8f25e3bcec9a62a6952965bf6d31", 16);  // Specified value of x of point R for scalar Multiplication  in NIST Routine example
             yr = new BigInteger("5ff2cdfa508a2581892367087c696f179e7a4d7e8260fb06", 16);   // Specified value of y of point R for scalar Multiplication  in NIST Routine example
             ECPoint Rds = new ECPoint(xr, yr);
             BigInteger d = new BigInteger

("a78a236d60baec0c5dd41b33a542463a8255391af64c74ee", 16);
             //Rs = new ECPoint(ScalarMultiply.scalmult(S, d).getAffineX(), yr);
             System.out.println("\nx-coordinate of point Rds is : " + Rds.getAffineX());
            System.out.println("\nx-coordinate of point Rds is : " + Rds.getAffineY());
            System.out.println("\nx-coordinate of calculated point is : " + ScalarMultiply.scalmult(S, 

            d).getAffineX());
            System.out.println("\nx-coordinate of calculated point is : " + ScalarMultiply.scalmult(S, 

            d).getAffineY());            
            if(Rds.getAffineX().equals(ScalarMultiply.scalmult(S, d).getAffineX()))
                 System.out.println("Scalar Multiplication is correct");

    }
}

最佳答案

addPoint 和 doublePoint 都不正确。下面编辑的JAVA代码做加倍加标量乘法，并检查加法加倍加标量乘法的结果是否正确:

ScalarMultiply.java

public class ScalarMultiply {

private static final BigInteger ONE = new BigInteger("1");;
static BigInteger TWO = new BigInteger("2");
static BigInteger p = new BigInteger("6277101735386680763835789423207666416083908700390324961279");
static BigInteger a = new BigInteger("6277101735386680763835789423207666416083908700390324961276");


public static ECPoint scalmult(ECPoint P, BigInteger kin){
    //ECPoint R=P; - incorrect
    ECPoint R = ECPoint.POINT_INFINITY,S = P;
    BigInteger k = kin.mod(p);
    int length = k.bitLength();
    //System.out.println("length is" + length);
    byte[] binarray = new byte[length];
    for(int i=0;i<=length-1;i++){
        binarray[i] = k.mod(TWO).byteValue();
        k = k.divide(TWO);
    }
    /*for(int i = length-1;i >= 0;i--){
        System.out.print("" + binarray[i]); 
    }*/

    for(int i = length-1;i >= 0;i--){
        // i should start at length-1 not -2 because the MSB of binarry may not be 1
        R = doublePoint(R);
        if(binarray[i]== 1) 
            R = addPoint(R, S);
    }
return R;
}

public static ECPoint addPoint(ECPoint r, ECPoint s) {

    if (r.equals(s))
        return doublePoint(r);
    else if (r.equals(ECPoint.POINT_INFINITY))
        return s;
    else if (s.equals(ECPoint.POINT_INFINITY))
        return r;
    BigInteger slope = (r.getAffineY().subtract(s.getAffineY())).multiply(r.getAffineX().subtract(s.getAffineX()).modInverse(p)).mod(p);
    BigInteger Xout = (slope.modPow(TWO, p).subtract(r.getAffineX())).subtract(s.getAffineX()).mod(p);
    //BigInteger Yout = r.getAffineY().negate().mod(p); - incorrect
    BigInteger Yout = s.getAffineY().negate().mod(p);
    //Yout = Yout.add(slope.multiply(r.getAffineX().subtract(Xout))).mod(p); - incorrect
    Yout = Yout.add(slope.multiply(s.getAffineX().subtract(Xout))).mod(p);
    ECPoint out = new ECPoint(Xout, Yout);
    return out;
}

public static ECPoint doublePoint(ECPoint r) {
    if (r.equals(ECPoint.POINT_INFINITY)) 
        return r;
    BigInteger slope = (r.getAffineX().pow(2)).multiply(new BigInteger("3"));
    //slope = slope.add(new BigInteger("3")); - incorrect
    slope = slope.add(a);
    slope = slope.multiply((r.getAffineY().multiply(TWO)).modInverse(p));
    BigInteger Xout = slope.pow(2).subtract(r.getAffineX().multiply(TWO)).mod(p);
    BigInteger Yout = (r.getAffineY().negate()).add(slope.multiply(r.getAffineX().subtract(Xout))).mod(p);
    ECPoint out = new ECPoint(Xout, Yout);
    return out;
}

EccArithmetic.java

public class EccArithmetic {

public static void main(String[] args) {

    BigInteger xs = new BigInteger("d458e7d127ae671b0c330266d246769353a012073e97acf8", 16);
    BigInteger ys = new BigInteger("325930500d851f336bddc050cf7fb11b5673a1645086df3b", 16);
    BigInteger xt = new BigInteger("f22c4395213e9ebe67ddecdd87fdbd01be16fb059b9753a4", 16);
    BigInteger yt = new BigInteger("264424096af2b3597796db48f8dfb41fa9cecc97691a9c79", 16);
    ECPoint S = new ECPoint(xs,ys);
    ECPoint T = new ECPoint(xt,yt);
    // Verifying addition 

    ECPoint Rst = ScalarMultiply.addPoint(S, T);
    BigInteger xst = new BigInteger("48e1e4096b9b8e5ca9d0f1f077b8abf58e843894de4d0290", 16);   // Specified value of x of point R for addition  in NIST Routine example
    System.out.println("\nx-coordinate of point Rst is : " + Rst.getAffineX()); 
    System.out.println("\ny-coordinate of point Rst is : " + Rst.getAffineY());
    if(Rst.getAffineX().equals(xst))
        System.out.println("Adding is correct");

    //Verifying Doubling
    BigInteger xr = new BigInteger("30c5bc6b8c7da25354b373dc14dd8a0eba42d25a3f6e6962", 16);  // Specified value of x of point R for doubling  in NIST Routine example
    BigInteger yr = new BigInteger("0dde14bc4249a721c407aedbf011e2ddbbcb2968c9d889cf", 16);
    ECPoint R2s = new ECPoint(xr, yr);  // Specified value of y of point R for doubling  in NIST Routine example
    System.out.println("\nx-coordinate of point R2s is : " + R2s.getAffineX()); 
    System.out.println("\ny-coordinate of point R2s is : " + R2s.getAffineY());
    System.out.println("\nx-coordinate of calculated point is : " + ScalarMultiply.doublePoint(S).getAffineX()); 
    System.out.println("\ny-coordinate of calculated point is : " +    ScalarMultiply.doublePoint(S).getAffineY());
    if(R2s.getAffineX().equals(ScalarMultiply.doublePoint(S).getAffineX()) &&
       R2s.getAffineY().equals(ScalarMultiply.doublePoint(S).getAffineY()))
        System.out.println("Doubling is correct");

    xr = new BigInteger("1faee4205a4f669d2d0a8f25e3bcec9a62a6952965bf6d31", 16);  // Specified value of x of point R for scalar Multiplication  in NIST Routine example
    yr = new BigInteger("5ff2cdfa508a2581892367087c696f179e7a4d7e8260fb06", 16);   // Specified value of y of point R for scalar Multiplication  in NIST Routine example
    ECPoint Rds = new ECPoint(xr, yr);
    BigInteger d = new BigInteger("a78a236d60baec0c5dd41b33a542463a8255391af64c74ee", 16);

    ECPoint Rs = ScalarMultiply.scalmult(S, d);

    System.out.println("\nx-coordinate of point Rds is : " + Rds.getAffineX());
    System.out.println("\ny-coordinate of point Rds is : " + Rds.getAffineY());
    System.out.println("\nx-coordinate of calculated point is : " + Rs.getAffineX());
    System.out.println("\ny-coordinate of calculated point is : " + Rs.getAffineY()); 


    if(Rds.getAffineX().equals(Rs.getAffineX()) &&
       Rds.getAffineY().equals(Rs.getAffineY()))
        System.out.println("Scalar Multiplication is correct");

}
}

关于java - 点在椭圆曲线上的标量乘法，我们在Stack Overflow上找到一个类似的问题： https://stackoverflow.com/questions/15727147/

文章推荐： java - 使用 jar 文件中的字节数组缓存声音

文章推荐： c# - 十六进制到 int C# 非常大的数字

文章推荐： c# - 如何在 csv 的同一单元格内的多行上写入数据？

文章推荐： java - 在jruby中导入java包中的所有类

乘法
如果矩阵A在X中，矩阵B在Y中。进行乘法运算只是 Z = X*Y。正确假设两个数组的大小相同。如何使用 for 循环计算它？最佳答案 ja72 的anwser 是错误的，请查看我在其下的评论以了
c - (n - 乘法) vs (n/2 - 乘法 + 2 加法) 哪个更好？
我有一个 C 程序，它有 n 次乘法(单次乘法和 n 次迭代)，我发现另一个逻辑有 n/2 次迭代(1 次乘法 + 2 次加法)。我知道两者都是 O(n) 的复杂性。但就 CPU 周期而言。哪个更快？
矩阵的行向后累积乘积/乘法
我有一个矩阵x: x <- matrix(1:8, nrow = 2, ncol = 4, byrow = 2) # [,1] [,2] [,3] [,4] #[1,] 1 2 3
矩阵的行向后累积乘积/乘法
我有一个矩阵x: x <- matrix(1:8, nrow = 2, ncol = 4, byrow = 2) # [,1] [,2] [,3] [,4] #[1,] 1 2 3
Java 乘法
我正在创建一个基于电影 InTime 的 Minecraft 插件，并尝试创建代码，在玩家死亡时玩家将失去 25% 的时间。当前代码是: String minus = itapi.getTimeSt
2个矩阵的C++乘法
我正在尝试将 2 个矩阵与重载的 * 运算符相乘并打印结果。虽然看起来我不能为重载函数提供超过 1 个参数。如何将这两个矩阵传递给重载函数？请在下面查看我的实现。 #include #include
Java 乘法 .*
为什么在 Java 中使用 .*？例如 double probability = 1.*count/numdata; 给出相同的输出: double probability = count/numda
带单位的 SASS 乘法
如果我尝试将两个值与单位相乘，则会出现意外错误。 $test: 10px; .testing{ width: $test * $test; } result: 100px*px isn't a v
CodeIgniter ActiveRecord 乘法
我正在尝试计算库存中所有产品的总值(value)。表中的每种产品都有价格和数量。因此，我需要将每种产品的价格乘以数量，然后将所有这些加在一起以获得所有产品的总计。根据上一个问题，我现在可以使用 MyS
CodeIgniter ActiveRecord 乘法
我正在尝试计算库存中所有产品的总值(value)。表中的每种产品都有价格和数量。因此，我需要将每种产品的价格乘以数量，然后将所有这些加在一起以获得所有产品的总计。根据上一个问题，我现在可以使用 MyS
Java ArrayList 乘法
大家好，我有以下代码行 solution first = mylist.remove((int)(Math.random() * mylist)); 这给了我一个错误说明 The operator *
C、乘法、位运算或*
我必须做很多乘法运算。如果我考虑效率，那么我应该使用位运算而不是常规的 * 运算吗？如果有差异如何进行位运算？提前致谢.. 最佳答案不，您应该使用乘法运算符，让优化编译器决定如何最快地完成它。您会
math - 大整数的 OR 乘法
两个 n 位数字 A 和 B 的乘法可以理解为移位的总和: (A << i1) + (A << i2) + ... 其中 i1, i2, ... 是 B 中设置为 1 的位数。现在让我们用 OR
c++ - bool 乘法
我想使用 cuda 6 进行 bool 乘法，但我无法以正确的方式做到这一点。B 是一个 bool 对称矩阵，我必须进行 B^n bool 乘法。我的 C++ 代码是: for (m=0; m
c++ - 仿真定点除法/乘法
我正在编写一个定点类，但遇到了一些问题...乘法、除法部分，我不确定如何模拟。我对部门运算符(operator)进行了非常粗暴的尝试，但我确信这是错误的。到目前为止，它是这样的: class Fixe
sql - SQL中的表分析(乘法)
我有TABLE_A我需要创建 TABLE_A_FINAL 规则: 在TABLE_A_FINAL中我们有包含 ID_C 的所有可能组合的行如果在 TABLE_A与 ID_C 的组合相同我们乘以 WEIG
java - 在java中重复字母(乘法)
这个问题在这里已经有了答案: Simple way to repeat a string (32 个答案) 关闭 6 年前。我有一个任务是重复字符乘以它例如用户应该写重复输入 3 R 输出的字母和
c++ - 复合赋值(乘法)
我最近学习了C++的基础知识。我发现了一些我不明白的东西。这是让我有点困惑的程序。 #include using namespace std; int main()
两个列表的 Python 乘法
我有两个列表: list_a = list_b = list(范围(2, 6)) final_list = [] 我想知道如何将两个列表中的所有值相乘。我希望我的 final_list 包含 [2*2
任何基数的 C++ 乘法
如何修改此代码以适用于任何基数？ (二进制、十六进制、基数 10 等) int mult(int a, int b, int base){ if((a<=base)||(b<=base)){

搜寻专家

个人简介

我是一名优秀的程序员,十分优秀！

作者热门文章

滴滴打车优惠券免费领取

全站热门文章

首页

博学

6Ren·AI

商城

java - 点在椭圆曲线上的标量乘法