Lib.rs

Cryptography
#elliptic-curve #pairing #extension

no-std ark-bls12-377-ext

Extensions for the BLS12-377 pairing-friendly elliptic curve

by Parity Technologies, Achim Schneider, Davide Galassi. Owned by paritytech-ci.

1 unstable release

0.4.1 Oct 27, 2023

#1435 in Cryptography

Download history 18013/week @ 2024-01-05 22278/week @ 2024-01-12 25316/week @ 2024-01-19 24116/week @ 2024-01-26 22718/week @ 2024-02-02 22295/week @ 2024-02-09 30943/week @ 2024-02-16 30957/week @ 2024-02-23 24966/week @ 2024-03-01 25233/week @ 2024-03-08 27665/week @ 2024-03-15 29527/week @ 2024-03-22 37376/week @ 2024-03-29 40842/week @ 2024-04-05 35272/week @ 2024-04-12 25022/week @ 2024-04-19

142,684 downloads per month
Used in 3 crates

MIT/Apache

30KB
590 lines

This library implements the BLS12_377 curve generated in [BCGMMW20, “Zexe”]. The name denotes that it is a Barreto--Lynn--Scott curve of embedding degree 12, defined over a 377-bit (prime) field. The main feature of this curve is that both the scalar field and the base field are highly 2-adic. (This is in contrast to the BLS12_381 curve for which only the scalar field is highly 2-adic.)

Curve information:

  • Base field: q = 258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177
  • Scalar field: r = 8444461749428370424248824938781546531375899335154063827935233455917409239041
  • valuation(q - 1, 2) = 46
  • valuation(r - 1, 2) = 47
  • G1 curve equation: y^2 = x^3 + 1
  • G2 curve equation: y^2 = x^3 + B, where
    • B = Fq2(0, 155198655607781456406391640216936120121836107652948796323930557600032281009004493664981332883744016074664192874906)

Dependencies

~6MB
~116K SLoC