EC implementation on Edward curves : what modulo is used in implementation?

maxbc

5/25/23, 3:47 PM

I'm trying to implement EC scalar multiplication in the fastest way possible (but still with a good curve) on a GPU.
I'm specifically looking to implement it based on https://github.com/Chair-for-Security-Engineering/ecmongpu and trying to use other curves like Curve25519 (or Edwards25519, I believe it's a representation difference).
I noticed all calculations on x and y coordinates are done modulo some number n (I believe it's the number that the code is meant to brute-force factor).
If I'm not looking to brute-force factor a number but simply to implement EC scalar multiplication using this code, what number should I use for modulus calculations ?

(NB: I'm still a beginner in EC cryptography, so links to the appropriate resources are welcome)

Bonus question: should I use extended or inverted coordinates ?

0 + 0

implementation

elliptic-curves

eddsa

kelalaka

5/25/23, 5:46 PM

$n$ is the prime number that curve is defined. It is $2^{255}-19$ where the name comes. [EdDSA](https://en.wikipedia.org/wiki/EdDSA#Ed25519)

fgrieu

5/25/23, 5:48 PM

And that prime number $2^{255}-19$ is generally noted $p$, not $n$.

kelalaka

5/25/23, 6:22 PM

And [RFC 8032](https://datatracker.ietf.org/doc/html/rfc8032) is your guide.

knaccc

5/26/23, 2:21 AM

See https://eprint.iacr.org/2014/198.pdf which is a Curve25519 GPU implementation

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: EC implementation on Edward curves : what modulo is used in implementation?

TH: การใช้งาน EC บนเส้นโค้ง Edward: โมดูโลใดที่ใช้ในการนำไปใช้งาน

RO: Implementarea EC pe curbele Edward: ce modulo este folosit în implementare?

RU: Реализация EC на кривых Эдварда: какой модуль используется в реализации?

VI: Triển khai EC trên các đường cong Edward: modulo nào được sử dụng khi triển khai?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.