Encryption 雅可比坐标系下的椭圆曲线加法
我尝试在素数域上的椭圆曲线上添加两个点,将这些点从仿射/坐标转换为仿射坐标,但无法获得正确的结果(我正在测试的曲线的a=0)。任何人都能看到出了什么问题Encryption 雅可比坐标系下的椭圆曲线加法,encryption,cryptography,elliptic-curve,modular-arithmetic,ecdsa,Encryption,Cryptography,Elliptic Curve,Modular Arithmetic,Ecdsa,我尝试在素数域上的椭圆曲线上添加两个点,将这些点从仿射/坐标转换为仿射坐标,但无法获得正确的结果(我正在测试的曲线的a=0)。任何人都能看到出了什么问题 // From Affine BigInteger X1=P.x; BigInteger Y1=P.y; BigInteger Z1=BigInteger.ONE; BigInteger X2=Q.x; BigInteger Y2=Q.y; BigInteger Z2=BigInteger.ONE; // Point addition in
// From Affine
BigInteger X1=P.x;
BigInteger Y1=P.y;
BigInteger Z1=BigInteger.ONE;
BigInteger X2=Q.x;
BigInteger Y2=Q.y;
BigInteger Z2=BigInteger.ONE;
// Point addition in Jacobian coordinates for a=0
// see http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#addition-add-2007-bl
BigInteger Z1Z1 = Z1.multiply(Z1);
BigInteger Z2Z2 = Z2.multiply(Z2);
BigInteger U1 = X1.multiply(Z2Z2);
BigInteger U2 = X2.multiply(Z1Z1);
BigInteger S1 = Y1.multiply(Z2).multiply(Z2Z2);
BigInteger S2 = Y2.multiply(Z1).multiply(Z1Z1);
BigInteger H = U2.subtract(U1);
BigInteger I = H.add(H).multiply(H.add(H));
BigInteger J = H.multiply(I);
BigInteger r = S2.subtract(S1).add(S2.subtract(S1));
BigInteger V = U1.multiply(I);
BigInteger X3 = r.multiply(r).subtract(J).subtract(V.add(V)).mod(FIELD);
BigInteger Y3 = r.multiply(V.subtract(X3)).subtract(S1.add(S1).multiply(J)).mod(FIELD);
BigInteger Z3 = Z1.add(Z2).multiply(Z1.add(Z2)).subtract(Z1Z1).subtract(Z2Z2).multiply(H).mod(FIELD);
//To affine
BigInteger Z3Z3 = Z3.multiply(Z3);
BigInteger Z3Z3Z3 = Z3Z3.multiply(Z3);
return new Point(X3.divide(Z3Z3),Y3.divide(Z3Z3Z3));
分区不可能是对的。您需要计算乘法逆模
字段z^{-1}=ModPow(z,FIELD-2,FIELD)要验证
biginger.ONE==1Z1Z1=Z1^2=1=Z2Z2=Z2^2=1U1=X1U2=X2S1=Y1字段z^{-1}=ModPow(z,FIELD-2,FIELD)