scipr-lab / libff

C++ library for Finite Fields and Elliptic Curves

Support other elliptic curves #72

Open yelhousni opened 3 years ago

yelhousni commented 3 years ago

Currently only ALT_BN128/BN128, MNT4-298/MNT6-298 and EDWARDS-80 elliptic curves are supported in libff. All of them have a lower security level than 128-bit. Are there any plans to support other curves like: BLS12-381, BLS12-377/BW6-761?

AntoineRondelet commented 3 years ago

Great, thanks @yelhousni for your PR (#71)!

> Are there any plans to support other curves like: BLS12-381, BLS12-377/BW6-761?

Yes, that's something I meant to do (been sidetracked by other things). I'll have a look at #71 and hopefully we can port implementations of other curves to this repo in the near future (some forks already implement several curves of interest). I think there is a little bit of work to nicely add other curves (the "big" MNT cycle, BLS12-377, BW6, SW6, JubJub - once BLS12-381 is merged, etc.) to this library though. In fact, it'd be nice to support "curve families" as a way to factorize as much code as possible across specific curves of the same family (e.g. BLS12-377/BLS12-381, or add support for other Barreto-Naehrig curves - like the one used in DIZK - with minimal changes). Ideally there should be as little code as possible for each curve instantiation (and the params files could mostly be generated using the sage scripts). One thing after the other though :) I'll try to have a look at your PR when I have some time :)

ValarDragon commented 3 years ago

It'd be great to add BLS12-381 and BLS12-377/BW6-761!

Thank you for making the PR for #71! I think it's good to merge in.

Agreed with Antoine that in the end-state it would be great to factor code per curve model, and have parameters input into a much more condensed sage script. (But that shouldn't block adding in more curves that are already of interest.)

zlemon819 commented 1 year ago

> Great, thanks @yelhousni for your PR (#71)!
>
> > Are there any plans to support other curves like: BLS12-381, BLS12-377/BW6-761?
>
> Yes, that's something I meant to do (been sidetracked by other things). I'll have a look at #71 and hopefully we can port implementations of other curves to this repo in the near future (some forks already implement several curves of interest). I think there is a little bit of work to nicely add other curves (the "big" MNT cycle, BLS12-377, BW6, SW6, JubJub - once BLS12-381 is merged, etc.) to this library though. In fact, it'd be nice to support "curve families" as a way to factorize as much code as possible across specific curves of the same family (e.g. BLS12-377/BLS12-381, or add support for other Barreto-Naehrig curves - like the one used in DIZK - with minimal changes). Ideally there should be as little code as possible for each curve instantiation (and the params files could mostly be generated using the sage scripts). One thing after the other though :) I'll try to have a look at your PR when I have some time :)

Hi, I have recently been studying your curve implementations. I wonder what paper your code is based on? Could you point me to the paper? Thank you.