0

How to implement an algorithm for dividing by the number Z (scalar) of a point lying on an elliptic curve?

Curve like: y^2 = x^3 + A * x + B

A, B and the number Z are known.

The point is arbitrary, lying on the curve. Operations are performed in the ring of residues. In more detail:

In the case of considering the EC over a finite field, the algorithm for dividing a point by 2 can be implemented as follows:

EC – y^2=x^3+ax+b over the field GF(P),

n is the number of points (including the point at infinity),

P and n are prime numbers,

Q is the point on the elliptic curve to be divided by 2,

W is the point on the elliptic curve that results from dividing Q by 2.

Algorithm:

Q/2 = W --> W ≡ Q * (2^(-1))(mod n) that is, you need to multiply Q by the multiplicatively inverse number (inverse) modulo.

For 2 inverse (2^(-1)) (mod n) is the same as ((n-1)/2)+1.

W ≡ Q * (((n-1)/2)+1)(mod n)

For any other number r:

W ≡ Q * (r^(-1) mod n)

wrote a code in python, but instead of dividing by 2, the point is multiplied The result of dividing the point by 2:

x=0xe493dbf1c10d80f3581e4904930b1404cc6c13900ee0758474fa94abe8c4cd13 y=0x51ed993ea0d455b75642e2098ea51448d967ae33bfbdfe40cfe97bdc47739922 and it should work
x=0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798 y=0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8

help to achieve that the script would divide the point, and not multiply, it's completely confused already.


# Координаты точки на кривой Secp256k1
x = 0xc6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5
y = 0x1ae168fea63dc339a3c58419466ceaeef7f632653266d0e1236431a950cfe52a

# Коэффициенты кривой Secp256k1
# n = 0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141
p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
a = 0x0000000000000000000000000000000000000000000000000000000000000000
b = 0x0000000000000000000000000000000000000000000000000000000000000007

# Функция для деления точки на 2
def divide_point_by_2(x, y, p, a, b):
    # Вычисление модулярного обратного элемента
    def mod_inverse(n, p):
        return pow(n, p-2, p)

    # Вычисление коэффициента наклона
    s = (3 * pow(x, 2) + a) * mod_inverse(2 * y, p) % p

    # Вычисление новых координат точки
    xr = (pow(s, 2) - 2 * x) % p
    yr = (s * (x - xr) - y) % p

    return xr, yr

# Деление точки на 2
xr, yr = divide_point_by_2(x, y, p, a, b)

# Вывод результатов
print("Результат деления точки на 2:")
print("x =", hex(xr))
print("y =", hex(yr))
President James K. Polk
  • 40,516
  • 21
  • 95
  • 125
manu
  • 21
  • 3
  • You probably want to post this in Russian over on [Stack Overflow на русском](https://ru.stackoverflow.com/) instead. A fair bit was lost in your translation. – Mike 'Pomax' Kamermans Aug 05 '23 at 16:05
  • As I see this `Q * (r^(-1) mod n)` for r>1 `1/r` can not be joined with `mod n`, but `Q/r` can. I think you should review your parenthesis – Ripi2 Aug 05 '23 at 17:18
  • I think you need to write a scalar multiplication function first, then to divide, multiply by the modular inverse. – Simon Goater Aug 05 '23 at 18:21
  • Your write-up doesn't really make sense. I suspect what you're asking is: given a point Q, find a point W such that z\*W = Q, where z is an integer and '\*' is scalar multiplication in the elliptic curve group. – President James K. Polk Aug 06 '23 at 17:17

0 Answers0