pyecsca.sca.re.zvp module¶
Provides functionality inspired by the Zero-value point attack [ZVP].
Implements ZVP point construction from [FFD].
- map_to_affine(formula, polys)[source]¶
Map unrolled polynomials of a formula to affine form, using some assumptions along the way (e.g. Z = 1).
- compute_factor_set(formula, affine=True, filter_nonhomo=True, xonly=False)[source]¶
Compute a set of factors present in the
formula.- Parameters:
- Return type:
Set[Poly]- Returns:
The set of factors present in the formula.
- zvp_points(poly, curve, k, n)[source]¶
Find a set of (affine) ZVP points for a given intermediate value and dlog relationship.
- Parameters:
poly¶ (
Poly) – The polynomial to zero out, obtained as a result ofunroll_formula()(or its factor).curve¶ (
EllipticCurve) – The curve to compute over.k¶ (
int) – The discrete-log relationship between the two points, i.e. (x2, x2) = [k](x1, x1)n¶ (
int) – The curve order.
- Return type:
Set[Point]- Returns:
The set of points (x1, y1).
- addition_chain(scalar, params, mult_class, mult_factory, use_init=False, use_multiply=True)[source]¶
Compute the addition chain for a given scalar and multiplier.
- Parameters:
scalar¶ (
int) – The scalar to compute for.params¶ (
DomainParameters) – The domain parameters to use.mult_class¶ (
Type[ScalarMultiplier]) – The class of the scalar multiplier to use.mult_factory¶ (
Callable) – A callable that takes the formulas and instantiates the multiplier.use_init¶ (
bool) – Whether to consider the point multiples that happen in scalarmult initialization.use_multiply¶ (
bool) – Whether to consider the point multiples that happen in scalarmult multiply (after initialization).
- Return type:
List[Tuple[str,Tuple[int,...]]]- Returns:
A list of tuples, where the first element is the formula shortname (e.g. “add”) and the second is a tuple of the dlog
relationships to the input of the input points to the formula.