Update PKEY2005.md

WitherOrNot 2026-06-09 16:08:57 -04:00 committed by GitHub
parent 1c0735bb0a
commit 8e4c5cc850
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194


@ -91,9 +91,10 @@ struct field_data {
u8 h1_coeffs[num_elements]; // H1 radices u8 h1_coeffs[num_elements]; // H1 radices
bignum modulus; // Prime modulus of base field bignum modulus; // Prime modulus of base field
u8 order[size_order]; // Order of elliptic curve over base field (also a bignum) u8 order[size_order]; // Order of elliptic curve over base field (also a bignum)
// Polynomials are stored as bytes in order of lowest to highest degree coefficients // Polynomials are stored as signed bytes in order of lowest to highest degree coefficients
u8 ext_split_poly1[ext_deg1 + 1]; // Minimal polynomial of first field extension // Negative coefficients will be reduced in the field K, so c[i] = -u == p - u
u8 ext_split_poly2[ext_deg2 + 1]; // Minimal polynomial of second field extension s8 ext_split_poly1[ext_deg1 + 1]; // Minimal polynomial of first field extension
s8 ext_split_poly2[ext_deg2 + 1]; // Minimal polynomial of second field extension
// Unused capability: y^2 = x^3 + ec_a_base * x + ec_b_base // Unused capability: y^2 = x^3 + ec_a_base * x + ec_b_base
// This curve would be over the base field // This curve would be over the base field
bignum ec_a_base; bignum ec_a_base;
@ -149,7 +150,7 @@ Given an extension field $K \supseteq L$, with $u$ being the primitive element o
$$ w = z_0 + z_1 u + z_2 u^2 + \ldots + z_{n-1} u^{n-1} $$ $$ w = z_0 + z_1 u + z_2 u^2 + \ldots + z_{n-1} u^{n-1} $$
where $n$ is the degree of the extension and $z_i \in L$. where $n$ is the degree of the extension and $z_i \in L$.
This encoding method is used to represent elements of an extension field as arrays of elements in the base field, and is used to encode the coordinates of elliptic curve points as well. This encoding method is used to represent elements of an extension field as arrays of elements in the base field (in the same order as the equation above), which is used to encode the coordinates of elliptic curve points and the pairing value.
The patent also describes that points in $E/K_6$ can be represented as points in $E/K_3$ to reduce storage space. The patent also describes that points in $E/K_6$ can be represented as points in $E/K_3$ to reduce storage space.
This compression method is used on the points in $\vec{Q}'$, and must be undone before pairing computation to retrieve $\vec{Q}$. This compression method is used on the points in $\vec{Q}'$, and must be undone before pairing computation to retrieve $\vec{Q}$.