From c36f9f5f037638fb12cea1a626c22005a4630bb8 Mon Sep 17 00:00:00 2001 From: Filiprogrammer <44641787+Filiprogrammer@users.noreply.github.com> Date: Sat, 16 May 2026 22:01:14 +0200 Subject: [PATCH 1/9] very WIP I don't know about this --- 3ec_forms/chapter4.tex | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/3ec_forms/chapter4.tex b/3ec_forms/chapter4.tex index 738e049..7c21e85 100644 --- a/3ec_forms/chapter4.tex +++ b/3ec_forms/chapter4.tex @@ -116,6 +116,29 @@ \section{Jacobian Coordinates} Therefore, scaling by a non-zero factor with these weights preserves the represented point: $$(X:Y:Z) = (\lambda^2 X : \lambda^3 Y : \lambda Z) \qquad \lambda \neq 0$$ +Converting back to affine coordinates requires dividing by $Z^2$ and $Z^3$. +To minimize expensive inversions, the library computes $Z^{-1}$ once, then squares and cubes it: + +\begin{listing}[H] +\caption{Converting a Jacobian point to affine coordinates} +\begin{minted}{rust} +impl> From> + for AffineEllipticCurvePoint +{ + fn from(jacobian_pt: JacobianEllipticCurvePoint) -> Self { + if let Some(z_inv) = jacobian_pt.z().multiplicative_inverse() { + let zz_inv = &z_inv * &z_inv; + let zzz_inv = z_inv * &zz_inv; + + Self::finite(zz_inv * jacobian_pt.x(), zzz_inv * jacobian_pt.y()) + } else { + Self::point_at_infinity() + } + } +} +\end{minted} +\end{listing} + \subsection{The Jacobian Curve Equation} Substituting the Jacobian mapping into the short Weierstrass equation $y^2 = x^3 + ax + b$ and clearing denominators by multiplying by $Z^6$ yields: From af07184309ab342c263ee82efd2ca8a679c4a2b4 Mon Sep 17 00:00:00 2001 From: Filiprogrammer <44641787+Filiprogrammer@users.noreply.github.com> Date: Sun, 17 May 2026 01:38:48 +0200 Subject: [PATCH 2/9] very WIP2 I don't know about this --- 3ec_forms/chapter4.tex | 30 ++++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/3ec_forms/chapter4.tex b/3ec_forms/chapter4.tex index 7c21e85..baaae88 100644 --- a/3ec_forms/chapter4.tex +++ b/3ec_forms/chapter4.tex @@ -116,6 +116,22 @@ \section{Jacobian Coordinates} Therefore, scaling by a non-zero factor with these weights preserves the represented point: $$(X:Y:Z) = (\lambda^2 X : \lambda^3 Y : \lambda Z) \qquad \lambda \neq 0$$ +\subsection{The Jacobian Curve Equation} + +Substituting the Jacobian mapping into the short Weierstrass equation $y^2 = x^3 + ax + b$ and clearing denominators by multiplying by $Z^6$ yields: +$$Y^2 = X^3 + aXZ^4 + bZ^6$$ + +\subsection{The Point at Infinity} + +As with standard projective coordinates, the point at infinity lies on $Z=0$. +Substituting $Z=0$ into the curve equation gives: +$$Y^2 = X^3$$ +The canonical representation of $\mathcal{O}$ in Jacobian coordinates is: +$$\mathcal{O} = (1:1:0)$$ +This satisfies the equation, making this a valid point on the curve. + +\subsection{Converting to Affine Coordinates in Rust} + Converting back to affine coordinates requires dividing by $Z^2$ and $Z^3$. To minimize expensive inversions, the library computes $Z^{-1}$ once, then squares and cubes it: @@ -139,20 +155,6 @@ \section{Jacobian Coordinates} \end{minted} \end{listing} -\subsection{The Jacobian Curve Equation} - -Substituting the Jacobian mapping into the short Weierstrass equation $y^2 = x^3 + ax + b$ and clearing denominators by multiplying by $Z^6$ yields: -$$Y^2 = X^3 + aXZ^4 + bZ^6$$ - -\subsection{The Point at Infinity} - -As with standard projective coordinates, the point at infinity lies on $Z=0$. -Substituting $Z=0$ into the curve equation gives: -$$Y^2 = X^3$$ -The canonical representation of $\mathcal{O}$ in Jacobian coordinates is: -$$\mathcal{O} = (1:1:0)$$ -This satisfies the equation, making this a valid point on the curve. - \subsection{Point Arithmetic in Jacobian Coordinates} The Explicit-Formulas Database \cite{Bernstein_Lange_2007_EFD} also provides efficient formulas for Jacobian point operations. From e600a752e71f457dd994d715e2609d17c8dbaab1 Mon Sep 17 00:00:00 2001 From: Filiprogrammer <44641787+Filiprogrammer@users.noreply.github.com> Date: Sun, 17 May 2026 13:35:08 +0200 Subject: [PATCH 3/9] very WIP3 I don't know about this --- 3ec_forms/chapter4.tex | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/3ec_forms/chapter4.tex b/3ec_forms/chapter4.tex index baaae88..cbbf617 100644 --- a/3ec_forms/chapter4.tex +++ b/3ec_forms/chapter4.tex @@ -130,9 +130,15 @@ \subsection{The Point at Infinity} $$\mathcal{O} = (1:1:0)$$ This satisfies the equation, making this a valid point on the curve. +\subsection{Point Arithmetic in Jacobian Coordinates} + +The Explicit-Formulas Database \cite{Bernstein_Lange_2007_EFD} also provides efficient formulas for Jacobian point operations. +While both projective and Jacobian coordinates avoid costly inversions, the weighted mapping of Jacobian coordinates allows for even faster point doubling formulas. +This can improve efficiency of scalar multiplication, which relies heavily on point doubling. + \subsection{Converting to Affine Coordinates in Rust} -Converting back to affine coordinates requires dividing by $Z^2$ and $Z^3$. +After a sequence of point operations is complete, the resulting Jacobian point can be converted back to affine coordinates, requiring division by $Z^2$ and $Z^3$. To minimize expensive inversions, the library computes $Z^{-1}$ once, then squares and cubes it: \begin{listing}[H] @@ -155,10 +161,4 @@ \subsection{Converting to Affine Coordinates in Rust} \end{minted} \end{listing} -\subsection{Point Arithmetic in Jacobian Coordinates} - -The Explicit-Formulas Database \cite{Bernstein_Lange_2007_EFD} also provides efficient formulas for Jacobian point operations. -While both projective and Jacobian coordinates avoid costly inversions, the weighted mapping of Jacobian coordinates allows for even faster point doubling formulas. -This can improve efficiency of scalar multiplication, which relies heavily on point doubling. - \end{document} From fa57e2b2d56464290486692630fde34db72318f9 Mon Sep 17 00:00:00 2001 From: Filiprogrammer <44641787+Filiprogrammer@users.noreply.github.com> Date: Sun, 17 May 2026 13:46:52 +0200 Subject: [PATCH 4/9] very WIP4 I don't know about this --- 3ec_forms/chapter4.tex | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/3ec_forms/chapter4.tex b/3ec_forms/chapter4.tex index cbbf617..5aef5c1 100644 --- a/3ec_forms/chapter4.tex +++ b/3ec_forms/chapter4.tex @@ -107,6 +107,27 @@ \subsection{Point Arithmetic in Projective Coordinates} While projective point addition requires more individual field operations than affine point addition, in the context of finite fields, a single modular inversion can cost as much as a hundred multiplications. Eliminating the inversion therefore results in a substantial overall speedup. +\subsection{Converting to Affine Coordinates in Rust} + +After a sequence of point operations is complete, the resulting projective point can be converted back to affine coordinates, requiring only one inversion. + +\begin{listing}[H] +\caption{Converting a projective point to affine coordinates} +\begin{minted}{rust} +impl> From> + for AffineEllipticCurvePoint +{ + fn from(proj_pt: ProjectiveEllipticCurvePoint) -> Self { + if let Some(z_inv) = proj_pt.z().multiplicative_inverse() { + Self::finite(&z_inv * proj_pt.x(), z_inv * proj_pt.y()) + } else { + Self::point_at_infinity() + } + } +} +\end{minted} +\end{listing} + \section{Jacobian Coordinates} Jacobian coordinates are another form that eliminates division from point arithmetic. From d732a84e73551888a189b4606d0be60414f128c3 Mon Sep 17 00:00:00 2001 From: Filiprogrammer <44641787+Filiprogrammer@users.noreply.github.com> Date: Sun, 17 May 2026 14:20:54 +0200 Subject: [PATCH 5/9] very WIP5 I don't know about this --- 3ec_forms/chapter4.tex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/3ec_forms/chapter4.tex b/3ec_forms/chapter4.tex index 5aef5c1..b7ac7fb 100644 --- a/3ec_forms/chapter4.tex +++ b/3ec_forms/chapter4.tex @@ -109,7 +109,7 @@ \subsection{Point Arithmetic in Projective Coordinates} \subsection{Converting to Affine Coordinates in Rust} -After a sequence of point operations is complete, the resulting projective point can be converted back to affine coordinates, requiring only one inversion. +After a sequence of point operations is complete, a single inversion that was deferred throughout converts the result back to affine coordinates: \begin{listing}[H] \caption{Converting a projective point to affine coordinates} From b20fd88ecd99f6aa1ade6cfc6abc3d6f9ea6a6b9 Mon Sep 17 00:00:00 2001 From: Filiprogrammer <44641787+Filiprogrammer@users.noreply.github.com> Date: Sun, 17 May 2026 14:41:16 +0200 Subject: [PATCH 6/9] very WIP6 I don't know about this --- 3ec_forms/chapter4.tex | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/3ec_forms/chapter4.tex b/3ec_forms/chapter4.tex index b7ac7fb..2fb5eb3 100644 --- a/3ec_forms/chapter4.tex +++ b/3ec_forms/chapter4.tex @@ -107,12 +107,12 @@ \subsection{Point Arithmetic in Projective Coordinates} While projective point addition requires more individual field operations than affine point addition, in the context of finite fields, a single modular inversion can cost as much as a hundred multiplications. Eliminating the inversion therefore results in a substantial overall speedup. -\subsection{Converting to Affine Coordinates in Rust} +\subsection{Converting Projective to Affine Coordinates in Rust} After a sequence of point operations is complete, a single inversion that was deferred throughout converts the result back to affine coordinates: \begin{listing}[H] -\caption{Converting a projective point to affine coordinates} +\caption{\texttt{From} trait implementation to convert a projective point to affine coordinates} \begin{minted}{rust} impl> From> for AffineEllipticCurvePoint @@ -157,13 +157,13 @@ \subsection{Point Arithmetic in Jacobian Coordinates} While both projective and Jacobian coordinates avoid costly inversions, the weighted mapping of Jacobian coordinates allows for even faster point doubling formulas. This can improve efficiency of scalar multiplication, which relies heavily on point doubling. -\subsection{Converting to Affine Coordinates in Rust} +\subsection{Converting Jacobian to Affine Coordinates in Rust} After a sequence of point operations is complete, the resulting Jacobian point can be converted back to affine coordinates, requiring division by $Z^2$ and $Z^3$. -To minimize expensive inversions, the library computes $Z^{-1}$ once, then squares and cubes it: +To minimize expensive inversions, the library computes $Z^{-1}$ once, then derives the required powers by multiplying: \begin{listing}[H] -\caption{Converting a Jacobian point to affine coordinates} +\caption{\texttt{From} trait implementation to convert a Jacobian point to affine coordinates} \begin{minted}{rust} impl> From> for AffineEllipticCurvePoint From 8758d3cdb7c5c2683227573eb3ef41e759cacc7d Mon Sep 17 00:00:00 2001 From: Filiprogrammer <44641787+Filiprogrammer@users.noreply.github.com> Date: Sun, 17 May 2026 15:01:49 +0200 Subject: [PATCH 7/9] very WIP7 I don't know about this --- 3ec_forms/chapter4.tex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/3ec_forms/chapter4.tex b/3ec_forms/chapter4.tex index 2fb5eb3..9f9f5ef 100644 --- a/3ec_forms/chapter4.tex +++ b/3ec_forms/chapter4.tex @@ -109,7 +109,7 @@ \subsection{Point Arithmetic in Projective Coordinates} \subsection{Converting Projective to Affine Coordinates in Rust} -After a sequence of point operations is complete, a single inversion that was deferred throughout converts the result back to affine coordinates: +After a sequence of point operations is complete, a single inversion, that was deferred throughout, converts the result back to affine coordinates: \begin{listing}[H] \caption{\texttt{From} trait implementation to convert a projective point to affine coordinates} From acf0b81e2c7faeac93a0e12a8fb9e1ce5b91c5a2 Mon Sep 17 00:00:00 2001 From: Filiprogrammer <44641787+Filiprogrammer@users.noreply.github.com> Date: Sun, 17 May 2026 15:16:03 +0200 Subject: [PATCH 8/9] very WIP8 I don't know about this --- 3ec_forms/chapter4.tex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/3ec_forms/chapter4.tex b/3ec_forms/chapter4.tex index 9f9f5ef..1f41c16 100644 --- a/3ec_forms/chapter4.tex +++ b/3ec_forms/chapter4.tex @@ -109,7 +109,7 @@ \subsection{Point Arithmetic in Projective Coordinates} \subsection{Converting Projective to Affine Coordinates in Rust} -After a sequence of point operations is complete, a single inversion, that was deferred throughout, converts the result back to affine coordinates: +After a sequence of projective point operations is complete, a single inversion, which was deferred throughout, converts the result back to affine coordinates: \begin{listing}[H] \caption{\texttt{From} trait implementation to convert a projective point to affine coordinates} From 6ca4494ef3d4a0d8491ae43ecb27e57cd008047a Mon Sep 17 00:00:00 2001 From: Filiprogrammer <44641787+Filiprogrammer@users.noreply.github.com> Date: Sun, 17 May 2026 16:06:36 +0200 Subject: [PATCH 9/9] very WIP9 I don't know about this --- 3ec_forms/chapter4.tex | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/3ec_forms/chapter4.tex b/3ec_forms/chapter4.tex index 1f41c16..ce893f6 100644 --- a/3ec_forms/chapter4.tex +++ b/3ec_forms/chapter4.tex @@ -160,8 +160,9 @@ \subsection{Point Arithmetic in Jacobian Coordinates} \subsection{Converting Jacobian to Affine Coordinates in Rust} After a sequence of point operations is complete, the resulting Jacobian point can be converted back to affine coordinates, requiring division by $Z^2$ and $Z^3$. -To minimize expensive inversions, the library computes $Z^{-1}$ once, then derives the required powers by multiplying: - +Since $Z^{-2}$ and $Z^{-3}$ can be derived from $Z^{-1}$ by multiplication, the library performs only one expensive inversion. +If $Z = 0$, no inverse exists, which identifies the point as the point at infinity $\mathcal{O}$: +\nopagebreak \begin{listing}[H] \caption{\texttt{From} trait implementation to convert a Jacobian point to affine coordinates} \begin{minted}{rust}