blind_salt, const uint8_t private_key,
const uint8_t curve_point);
function performs scalar multiplication of the multiplicative inverse of a
scalar for X25519.
This is a highly
advanced, specialized feature; unless you are implementing a
protocol that requires this specifically,
you likely have no
reason to be using these functions and are probably looking for
Expect elliptic curve jargon on this page.
This function is used, for example, with exponential blinding in oblivious pseudo-random functions (OPRFs). The arguments are:
- The output point.
- The private key (scalar) to use. First, the value is clamped, then the clamped value's multiplicative inverse (modulo the curve order) is determined. The clamped value's multiplicative inverse then has its cofactor cleared, and that final value is then used for scalar multiplication.
- The curve point on X25519 to multiply with the multiplicative inverse (modulo the curve order) of private_key.
crypto_x25519_inverse() function first
appeared in Monocypher 3.1.0.
|February 13, 2022||Debian|