api – What’s the distinction between secp256k1_ecmult_gen and secp256k1_ecmult? – DAILY CRYPTO

admin

[ad_1] api – What’s the distinction between secp256k1_ecmult_gen and secp256k1_ecmult? – Bitcoin Stack Alternate Stack Alternate Community Stack Alternate community consists of 182 Q&A communities together with Stack Overflow , the most important, most trusted on-line group for builders to study, share their data, and construct their careers.Go to Stack Alternate Log in Join Bitcoin…

[ad_1]

api – What’s the distinction between secp256k1_ecmult_gen and secp256k1_ecmult? – Bitcoin Stack Alternate Stack Alternate Community Stack Alternate community consists of 182 Q&A communities together with Stack Overflow , the most important, most trusted on-line group for builders to study, share their data, and construct their careers.Go to Stack Alternate Log in Join

Bitcoin Stack Alternate is a query and reply website for Bitcoin crypto-currency lovers.It solely takes a minute to enroll.Signal as much as be part of this group

Anyone can ask a query

Anyone can reply

One of the best solutions are voted up and rise to the highest

Requested 1 12 months, 6 months in the past

Considered 289 occasions

libsecp256k1 has two implementations, secp256k1_ecmult in ecmult.h and secp256k1_ecmult_gen in ecmult_gen.h , to multiply the factors of an elliptic curve.

secp256k1_ecmult_gen helps easy multiplication akin to a*G and secp256k1_ecmult helps multiplication involving addition akin to a*P + bG .Nevertheless, secp256k1_ecmult can be utilized for easy multiplication by setting b=0 , truly, it’s used as such in eckey_impl.h#secp256k1_eckey_pubkey_tweak_mul .

How ought to these two features be used correctly? Is there any distinction within the efficiency?

requested Feb 26, 2021 at 12:57 1

How ought to these two features be used correctly?

A easy reply is “under no circumstances”.

These features usually are not uncovered within the public API of libsecp256k1, and that is the explanation why they do not have user-targeted documentation.As a substitute, they’re used as inner subroutines, largely for the implementation of ECDSA and Schnorr signatures.

Be suggested that cryptography ought to be carried out by specialists.

It’s extremely simple to shoot your self within the foot if you do not know what you are doing (and actually, even when you already know what you are doing).

Having mentioned this, here is a high-level overview: secp256k1_ecmult_gen will get as enter a scalar a and computes the multiplication aG with the usual generator G .

This perform is constant-time within the scalar a , i.e., it ensures that the timing of the computation doesn’t leak details about a .That is why it’s used every time the scalar is a secret, e.g., for key era when computing the general public key xG from the key key x , or for signing when computing the nonce rG from the key scalar r .

Normally, the requirement for a constant-time implementation makes makes code slower (for instance, you’ll be able to’t have early returns).secp256k1_ecmult will get as enter two scalars a , b and some extent P , and it computes aP + bG .

This perform doesn’t guarantee constant-time computations.This computation is precisely what is critical for signature verification, and the perform is appropriate as a result of no secret values are concerned in verification.There’s additionally secp256k1_ecmult_const .

It will get as enter a scalar a and level P , and it computes aP in constant-time.

(So when it comes to performance and safety, it’s a extra common variant of secp256k1_ecmult_gen that works with arbitrary factors P .As such it’s much less environment friendly as a result of it can not depend on some precomputation strategies that require to know P upfront.) That is used as a subroutine within the ECDH (Diffie-Hellman) module for computing the shared secret in the important thing alternate.

answered Feb 26, 2021 at 13:44 Not the reply you are searching for? Browse different questions tagged api secp256k1 or ask your personal query .Your privateness By clicking “Settle for all cookies”, you agree Stack Alternate can retailer cookies in your system and disclose info in accordance with our Cookie Coverage .

Settle for all cookies Customise settings

[ad_2]

Source_link.

Leave a Reply

Next Post

3 Cryptos That You Should Consider Adding To Your Portfolio – Big Eyes Coin, Tron And Cronos

The world we live in today is in a constant state of change whether it is rapid or slow and the same can be said about the world of cryptocurrency.Crypto tokens are one of the biggest players in the world of finance and with them, a lot of people have been able to make varying…
3 Cryptos That You Should Consider Adding To Your Portfolio – Big Eyes Coin, Tron And Cronos

Subscribe US Now