avoid duplicate work and improve notation in pairings

c5c36129 · Peter Bruin · b6d45893 · c5c36129
Commit c5c36129 authored Feb 13, 2019 by Peter Bruin
Hide whitespace changes
Inline Side-by-side

Showing with 22 additions and 21 deletions

jacobian/pairings.c jacobian/pairings.c +22 -21

No files found.
--- a/jacobian/pairings.c
+++ b/jacobian/pairings.c
@@ -174,13 +174,13 @@ iso(GEN X, GEN c, GEN D, GEN W_E, GEN s, GEN u, GEN v) {
 }

 static void
-torsion_data(GEN J, GEN W_D, GEN u_D, GEN c,
+torsion_data(GEN J, GEN W_D, GEN W_D0, GEN c,
 	     GEN *D, GEN *s, GEN *v) {
  long i, j, l, m = lg(c);

  *D = cgetg(m + 2, t_VEC);  /* D_i = gel(*D, i + 1) */
  *s = cgetg(m, t_VEC);
-  gel(*D, 1) = curve_multiply_section_subspace(J, u_D, curve_V(J, 1));
+  gel(*D, 1) = W_D0;
  gel(*D, 2) = W_D;
  for (l = 2; l <= m; l++) {
    i = mael(c, l - 1, 1);
@@ -212,7 +212,7 @@ torsion_data(GEN J, GEN W_D, GEN u_D, GEN c,
 GEN
 jacobian_tate_pairing(GEN J, GEN W_D, GEN W_E, long n) {
  GEN q = curve_base_field_cardinality(J);
-  GEN c, D, s, u, v, Iplus, Iminus;
+  GEN c, D, W_D0, s, u, v, Iplus, Iminus;
  pari_sp av = avma;

  if (n <= 0 || smodis(q, n) != 1)
@@ -225,7 +225,8 @@ jacobian_tate_pairing(GEN J, GEN W_D, GEN W_E, long n) {

  c = addflip_chain(stoi(n));
  u = gel(curve_V(J, 1), 1);
-  torsion_data(J, W_D, u, c, &D, &s, &v);
+  W_D0 = curve_multiply_section_subspace(J, u, curve_V(J, 1));
+  torsion_data(J, W_D, W_D0, c, &D, &s, &v);

  Iplus = iso(J, c, D, jacobian_zero(J), s, u, v);
  Iminus = iso(J, c, D, W_E, s, u, v);
@@ -234,7 +235,7 @@ jacobian_tate_pairing(GEN J, GEN W_D, GEN W_E, long n) {
 }

 static GEN
-eval_half(GEN X, GEN c, GEN D, GEN W_E, GEN s, GEN u, GEN v) {
+eval_half(GEN X, GEN c, GEN u, GEN D, GEN s, GEN v, GEN W_E) {
  unsigned long p = curve_base_field_characteristic(X);
  GEN T = curve_base_field_polynomial(X);
  long m = lg(c);
@@ -272,12 +273,12 @@ eval_half(GEN X, GEN c, GEN D, GEN W_E, GEN s, GEN u, GEN v) {
 }

 static GEN
-eval_function(GEN J, GEN c, GEN W_D, GEN u_D, GEN W_E, GEN u_E) {
-  GEN D, s_D, v_D;
-  GEN W0_E = curve_multiply_section_subspace(J, u_E, curve_V(J, 1));
-  torsion_data(J, W_D, u_D, c, &D, &s_D, &v_D);
-  return gdiv(eval_half(J, c, D, W_E, s_D, u_D, v_D),
-	      eval_half(J, c, D, W0_E, s_D, u_D, v_D));
+eval_function(GEN J, GEN c, GEN W_D, GEN W_D0, GEN u_D0,
+	      GEN W_E, GEN W_E0) {
+  GEN D, s, v;
+  torsion_data(J, W_D, W_D0, c, &D, &s, &v);
+  return gdiv(eval_half(J, c, u_D0, D, s, v, W_E),
+	      eval_half(J, c, u_D0, D, s, v, W_E0));
 }

 static long
@@ -293,7 +294,7 @@ divisors_disjoint(GEN J, GEN W_D, GEN W_E) {

 GEN
 jacobian_weil_pairing(GEN J, GEN W_D, GEN W_E, long n) {
-  GEN c, W, Z, u_D, u_E, f_E, g_D;
+  GEN c, u_D0, W_D0, u_E0, W_E0, f_E, g_D;
  pari_sp av = avma;

  if (jacobian_type(J) != JACOBIAN_TYPE_MEDIUM)
@@ -305,17 +306,17 @@ jacobian_weil_pairing(GEN J, GEN W_D, GEN W_E, long n) {
    W_E = jacobian_random_presentation(J, W_E);

  do {
-    u_D = curve_random_section(J, curve_V(J, 1));
-    W = curve_multiply_section_subspace(J, u_D, curve_V(J, 1));
-  } while (!divisors_disjoint(J, W, W_E));
+    u_D0 = curve_random_section(J, curve_V(J, 1));
+    W_D0 = curve_multiply_section_subspace(J, u_D0, curve_V(J, 1));
+  } while (!divisors_disjoint(J, W_D0, W_E));
  do {
-    u_E = curve_random_section(J, curve_V(J, 1));
-    Z = curve_multiply_section_subspace(J, u_E, curve_V(J, 1));
-  } while (!divisors_disjoint(J, Z, W_D)
-	   || !divisors_disjoint(J, W, Z));
+    u_E0 = curve_random_section(J, curve_V(J, 1));
+    W_E0 = curve_multiply_section_subspace(J, u_E0, curve_V(J, 1));
+  } while (!divisors_disjoint(J, W_E0, W_D)
+	   || !divisors_disjoint(J, W_E0, W_D0));

-  f_E = eval_function(J, c, W_D, u_D, W_E, u_E);
-  g_D = eval_function(J, c, W_E, u_E, W_D, u_D);
+  f_E = eval_function(J, c, W_D, W_D0, u_D0, W_E, W_E0);
+  g_D = eval_function(J, c, W_E, W_E0, u_E0, W_D, W_D0);

  return gerepileupto(av, gdiv(f_E, g_D));
 }