使用Crypto ++在secp521r1上进行标量乘法 [英] Scalar multiplication on secp521r1 using Crypto++

问题描述

我正在为c ++中的椭圆曲线编写以下标量乘法代码。当我不初始化该点的值时，代码将运行。但是当我这样做时，它给了我nullptr错误。

I am writing the following code for scalar multiplication in elliptic curve in c++. The code runs when i don't initialize the value of the point. But when i do, it gives me the nullptr error.

我尝试了以下代码：

ECP r1;
ECPPoint basepoint = ECPPoint(2,3);
ECPPoint point;
ECPPoint s1= ecp.ScalarMultiply(basepoint, x1);

错误：

CryptoPP::ECP::GetField(...) returned nullptr.

推荐答案

错误：CryptoPP： ：ECP :: GetField（...）返回了nullptr。

ERROR: CryptoPP::ECP::GetField(...) returned nullptr.

对于Crypto ++，您需要加载一条曲线。根据您发布的代码，看起来还没有完成。加载曲线将加载曲线的域参数。如果是素数字段上的曲线，则域参数为 {a，b，p，G，n，h} ，其中 a 和 b 是系数， p 模， G 是阶为 N ， n 是订单， h 是辅助因子。您可以在 eccrypto.cpp 。

For Crypto++ you need to load a curve. Based on the code you posted it does not look like that has been done. Loading the curve loads the domain parameters for the curve. In the case of a curve over a prime field the domain parameters are {a,b,p,G,n,h}, where a and b are coefficients, p modulus, G is the basepoint with order N, n is the order and h is the cofactor. You can see them in eccrypto.cpp.

对于 secp521r1 ，最简单的方法可能是以下几行。 secp256r1 用于缩小输出，但是您应该使用 secp521r1 。

For secp521r1 the easiest way to do it is probably along the lines of the following. secp256r1 was used to make the output smaller, but you should use secp521r1 instead.

#include "integer.h"
#include "eccrypto.h"
#include "osrng.h"
#include "oids.h"

#include <iostream>
#include <iomanip>

int main(int argc, char* argv[])
{
    using namespace CryptoPP;
    typedef DL_GroupParameters_EC<ECP> GroupParameters;
    typedef DL_GroupParameters_EC<ECP>::Element Element;

    AutoSeededRandomPool prng;    
    GroupParameters group;
    group.Initialize(ASN1::secp256r1());

    // private key
    Integer x(prng, Integer::One(), group.GetMaxExponent());

    std::cout << "Private exponent:" << std::endl;
    std::cout << "  " << std::hex << x << std::endl;

    // public key
    Element y = group.ExponentiateBase(x);

    std::cout << "Public element:" << std::endl;
    std::cout << "  " << std::hex << y.x << std::endl;
    std::cout << "  " << std::hex << y.y << std::endl;

    // element addition
    Element u = group.GetCurve().Add(y, ECP::Point(2,3));

    std::cout << "Add:" << std::endl;
    std::cout << "  " << std::hex << u.x << std::endl;
    std::cout << "  " << std::hex << u.y << std::endl;

    // scalar multiplication
    Element v = group.GetCurve().ScalarMultiply(u, Integer::Two());

    std::cout << "Mult:" << std::endl;
    std::cout << "  " << std::hex << v.x << std::endl;
    std::cout << "  " << std::hex << v.y << std::endl;

    return 0;
}

使用 g ++ test.cxx编译代码。 libcryptopp.a -o test.exe 。

运行代码会产生：

$ ./test.exe
Private exponent:
  b48e35e8d60918f815857503b034681bc59db689dee0ffc35a140e365bb056dch
Public element:
  bb9c8daaace9712f368bc98cf004a4594a14f9c330e2db141906ec67f05ab8d8h
  e37e5e161aae15f54f20d67b665311717305932a1479427fe063d84c5be82a1dh
Add:
  f5055cd23f23f5721d8a5f6f87bd61206e972a97c19478200cb0b1f24af398ach
  107a532732098c4d051efc7f54d9bda78020a6e68f95e01a33700bab56a91f9ah
Mult:
  46628d3e4f43da4fd001c652682d33f608c34ce3cf6c13f45b9bd014cbb83ed4h
  3b58f98bd0d70196036b77f6fcca6fe206bdf3beda4b2b604d5cb8ae0327a57ch

DL_GroupParameters_EC< ECP> group 看起来很不寻常，因为您进入了较低级别的基本接口。我想这就是您要基于示例代码的地方。

The DL_GroupParameters_EC<ECP> group looks unusual because you are into lower-level base interfaces. I think that's where you want to be based on your sample code.

通常，与EC齿轮相关的对象层次如下所示。它同时使用是或具有关系。例如，签名者和解密者各自具有私钥。

In general the hierarchy of objects with respect to the EC gear is/are shown below. It uses both an "is a" or "has a" relationships. For example, a Signer and Decryptor each "has a" Private Key. A Private Key "is a" GroupParameters.

Encryptor
  +- Public key
       +- Group parameters
            +- Curve
                 +- Field

Decryptor
  +- Private key
       +- Group parameters
            +- Curve
                 +- Field

Verifier
  +- Public key
       +- Group parameters
            +- Curve
                 +- Field

Signer
  +- Private key
       +- Group parameters
            +- Curve
                 +- Field

例如，签名者是协议，它在单个程序包中实现您需要的所有内容。签名者下方是私钥，它执行乘法和求幂。私钥下方是字段和曲线。如此反复，直到获得系数和模数为止。

For example, the Signer is the protocol, and implements everything you need in a single package. Below the Signer is the Private Key, and it performs the multiplication and exponentiation. Below the Private Key is the field and the curve. And so on until you get to the coefficients and modulus.

话虽如此，您通常希望使用更高级别的对象之一。大多数人使用加密器，解密器，公共密钥和私有密钥。大多数人都不需要进入下方，例如进入GroupParameters或Curves之类的对象。

With that said, you usually want to use one of the higher level objects. Most folks use Encryptors, Decryptors, Public Keys and Private Keys. Most folks don't need to go below, like into objects like GroupParameters or Curves.

您可能也有兴趣 Crypto ++手册和 Crypto ++ Wiki中的椭圆曲线密码学。

这篇关于使用Crypto ++在secp521r1上进行标量乘法的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！