From cd2cd2f5b36d321d07fede96a330ba45dc217367 Mon Sep 17 00:00:00 2001
From: Dan Dore
Date: Thu, 1 Feb 2024 12:11:24 -0800
Subject: [PATCH 1/3] faster `is_in_correct_subgroup_assuming_on_curve` when cofactor is one
---
 ec/src/models/short_weierstrass/mod.rs | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/ec/src/models/short_weierstrass/mod.rs b/ec/src/models/short_weierstrass/mod.rs
index 20bf7029c..515c4721b 100644
--- a/ec/src/models/short_weierstrass/mod.rs
+++ b/ec/src/models/short_weierstrass/mod.rs
@@ -65,13 +65,18 @@ pub trait SWCurveConfig: super::CurveConfig {
 /// Check if the provided curve point is in the prime-order subgroup.
 ///
 /// The default implementation multiplies `item` by the order `r` of the
- /// prime-order subgroup, and checks if the result is zero.
+ /// prime-order subgroup, and checks if the result is zero. If the
+ /// curve's cofactor is one, this check automatically returns true.
 /// Implementors can choose to override this default impl
 /// if the given curve has faster methods
 /// for performing this check (for example, via leveraging curve
 /// isomorphisms).
 fn is_in_correct_subgroup_assuming_on_curve(item: &Affine) -> bool {
- Self::mul_affine(item, Self::ScalarField::characteristic()).is_zero()
+ if Self::cofactor_is_one() {
+ true
+ } else {
+ Self::mul_affine(item, Self::ScalarField::characteristic()).is_zero()
+ }
 }
 /// Performs cofactor clearing.
From 1bdb129dc3fa9eca21b6dabcec5b3fb840f2c55c Mon Sep 17 00:00:00 2001
From: Dan Dore
Date: Thu, 1 Feb 2024 12:44:37 -0800
Subject: [PATCH 2/3] update CHANGELOG.md
---
 CHANGELOG.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4c1228e38..1c90ceef2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
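Review bot: The new `if Self::cofactor_is_one()` branch makes the result rest entirely on the function's "assuming on curve" precondition: an off-curve or twist point now gets `true` with no arithmetic at all, whereas the multiplication by `r` on the old line could incidentally reject some such inputs, so any deserialization path that relied on that should be confirmed to run the on-curve check (`is_on_curve()`, I believe) before this one. The doc comment should say so explicitly, e.g. `/// When the cofactor is one every point on the curve already lies in the prime-order subgroup, so the check returns true without any arithmetic; this is only sound if the caller has verified that \`item\` is on the curve.` The commit adds no test for the shortcut; a unit test on a cofactor-one curve asserting that the fast path and `Self::mul_affine(item, Self::ScalarField::characteristic()).is_zero()` agree (including for the point at infinity) would pin the behaviour. The enclosing `SWCurveConfig` trait continues outside the hunk.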
@@ -31,7 +31,11 @@
 ### Improvements
 - [\#736](https://github.com/arkworks-rs/algebra/pull/736) (`ark-ff`) Deprecate `divn()`, and use `core::ops::{Shr, ShrAssign}` instead.
-- [\#739](https://github.com/arkworks-rs/algebra/pull/739) (`ark-ff`) Deprecate `muln()`, and use `core::ops::{Shl, ShlAssign}` instead.
+- [\#739](https://github.com/arkworks-rs/algebra/pull/739) (`ark-ff`) Deprecate
+ `muln()`, and use `core::ops::{Shl, ShlAssign}` instead.
+- [\#771](https://github.com/arkworks-rs/algebra/pull/771) (`ark-ec`) Omit expensive
+ scalar multiplication in `is_in_correct_subgroup_assuming_on_curve()` for
+ short Weierstrass curves of cofactor one.
 ### Bugfixes
From 64aa5be7c6d44538c2f6f1500b636b1c95012b78 Mon Sep 17 00:00:00 2001
From: Pratyush Mishra
Date: Thu, 1 Feb 2024 16:43:52 -0800
Subject: [PATCH 3/3] Tweak CHANGELOG.md
---
 CHANGELOG.md | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1c90ceef2..79545cc93 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -31,11 +31,8 @@
 ### Improvements
 - [\#736](https://github.com/arkworks-rs/algebra/pull/736) (`ark-ff`) Deprecate `divn()`, and use `core::ops::{Shr, ShrAssign}` instead.
-- [\#739](https://github.com/arkworks-rs/algebra/pull/739) (`ark-ff`) Deprecate
- `muln()`, and use `core::ops::{Shl, ShlAssign}` instead.
-- [\#771](https://github.com/arkworks-rs/algebra/pull/771) (`ark-ec`) Omit expensive
- scalar multiplication in `is_in_correct_subgroup_assuming_on_curve()` for
- short Weierstrass curves of cofactor one.
+- [\#739](https://github.com/arkworks-rs/algebra/pull/739) (`ark-ff`) Deprecate `muln()`, and use `core::ops::{Shl, ShlAssign}` instead.
+- [\#771](https://github.com/arkworks-rs/algebra/pull/771) (`ark-ec`) Omit expensive scalar multiplication in `is_in_correct_subgroup_assuming_on_curve()` for short Weierstrass curves of cofactor one.
 ### Bugfixes