Adding primitive to compute x^(1/5) in the scalar field

[dannywillems]

Would you be interested adding the addition chain to compute the permutation x^(1/5) in the library? The function x^(1/5) is used by different cryptographic primitives like Rescue [1], Griffin [2] or Anemoi [3].

If yes, I am fine opening a PR. Best,

[1] https://www.esat.kuleuven.be/cosic/publications/article-3259.pdf [2] https://eprint.iacr.org/2022/403 [3] https://eprint.iacr.org/2022/840

[dot-asm]

Would you be interested adding the addition chain to compute the permutation x^(1/5) in the library?

Hmmm, trick question:-) If read literally, then the answer would be "no." But it's not really about our interest (of minimizing the effort), but rather about utility for blst users. As for PR. It would be more efficient if I do it than us having back-and-forth ironing out minute details:-)

Cheers.

[dot-asm]

I've put together blst_fr_pentaroot (and blst_fr_pentapow). For the moment it's compiled conditionally, with -DBLST_FR_PENTAROOT. There is room for further improvement in the future, by implementing 255-bit sqr-n-mul in assembly.