CRYPTO_X25519_DIRTY_FAST(3monocypher) | 3monocypher | CRYPTO_X25519_DIRTY_FAST(3monocypher) |
crypto_x25519_dirty_fast
,
crypto_x25519_dirty_small
—
#include <monocypher.h>
void
crypto_x25519_dirty_fast
(uint8_t
pk[32], const uint8_t sk[32]);
void
crypto_x25519_dirty_small
(uint8_t
pk[32], const uint8_t sk[32]);
Both functions generate a Curve25519 public key
pk from the given secret key sk.
The public keys are on the whole curve, rather than just
the main prime-order subgroup. Both do the same with different code size and
memory characteristics: crypto_x25519_dirty_fast
()
uses multiple large temporary variables and functions that are normally used
internally for
crypto_sign(3monocypher).
Accordingly, it uses both more memory (for the temporary variables) and more
code size (unless the signing code is already compiled in elsewhere).
crypto_x25519_dirty_small
() yields the same result
with less code, less memory, and more time than
crypto_x25519_dirty_fast
().
The resulting public keys are to be used with crypto_x25519(3monocypher), which clears the cofactor.
crypto_x25519_dirty_fast
() and
crypto_x25519_dirty_small
() functions first appeared
in Monocypher 3.1.0.
February 13, 2022 | Debian |