A framework for finite fields.
Modules
- `coset`
- `exponentiation`
- `extension`
- `integers` - A collection of traits and macros which convert primitive integer types into field elements.
- `interleaves` - A file containing a collection of architecture-specific interleaving functions. Used for PackedFields to implement interleaving operations.
- `op_assign_macros` - A collection of macros designed to implement simple operations whose implementations are often boilerplate based off some other operation.
Macros
- `impl_add_assign` - Given a struct which implements `Add` implement `AddAssign<T>` for any type `T` which implements `Into<Self>`.
- `impl_add_base_field` - Given two structs `Alg` and `Field` where `Alg` implements `From<Field>`, implement `Add<Field>` for `Alg` and `Add<Alg>` for `Field`.
- `impl_div_methods` - Given two structs `Alg` and `Field` where `Alg` implements `From<Field>`, implement `Div<Field>` and `DivAssign<Field>` for `Alg`.
- `impl_mul_base_field` - Given two structs `Alg` and `Field` where `Alg` implements `From<Field>`, implement `Mul<Field>` for `Alg` and `Mul<Alg>` for `Field`.
- `impl_mul_methods` - Given a struct which implements `Mul` implement `MulAssign<T>` for any type `T` which implements `Into<Self>`.
- `impl_packed_field_pow_2` - A macro to implement the PackedFieldPow2 trait for PackedFields. The macro assumes that the PackedFields have a `to_vector` and `from_vector` method, which convert between the PackedField and a packed vector.
- `impl_packed_value` - Given `Field` and `Algebra` structs where `Algebra` is simply a wrapper around `[Field; N]` implement `PackedValue` for `Algebra`.
- `impl_raw_serializable_primefield32` - A simple macro which allows us to implement the `RawSerializable` trait for any 32-bit field. The field must implement PrimeField32.
- `impl_raw_serializable_primefield64` - A simple macro which allows us to implement the `RawSerializable` trait for any 64-bit field. The field must implement PrimeField64 (and should not implement PrimeField32).
- `impl_rng` - Given a struct `Alg` which is a wrapper over `[Field; N]` for some `N`, implement `Distribution<Alg>` for `StandardUniform`.
- `impl_sub_assign` - Given a struct which implements `Sub` implement `SubAssign<T>` for any type `T` which implements `Into<Self>`.
- `impl_sub_base_field` - Given two structs `Alg` and `Field` where `Alg` implements `From<Field>`, implement `Sub<Field>` for `Alg` and `Sub<Alg>` for `Field`.
- `impl_sum_prod_base_field` - Given two structs `Alg` and `Field` where `Alg` implements `From<Field>`, implement `Sum<Field>` and `Product<Field>` for `Alg`.
- `quotient_map_large_iint` - For large signed integer types, a simple method which is usually good enough is to simply check the sign and use this to pass to the equivalent unsigned method.
- `quotient_map_large_uint` - If the unsigned integer type is large enough, there is often no method better for `from_int` than just doing a modular reduction to a smaller type.
- `quotient_map_small_int` - If the integer type is smaller than the field order all possible inputs are canonical. In such a case we can easily implement `QuotientMap<SmallInt>` as all three methods will coincide.
- `quotient_map_small_internals` - This allows us to avoid some duplication which arises when working with fields which contain a generic parameter.
- `ring_sum` - Given a struct which implements `Add` implement `Sum`.
Structs
- `BoundedPowers` - Same as `Powers`, but returns a bounded number of powers.
- `FieldArray`
- `Powers` - An iterator which returns the powers of a base element `b` shifted by current `c`: `c, c * b, c * b^2, ...`.
Traits
- `Algebra` - A ring `R` implements `Algebra<F>` if there is an injective homomorphism from `F` into `R`; in particular only `F::ZERO` maps to `R::ZERO`.
- `BasedVectorSpace` - A vector space `V` over `F` with a fixed basis. Fixing the basis allows elements of `V` to be converted to and from `DIMENSION` many elements of `F` which are interpreted as basis coefficients.
- `Dup` - Cheap duplication for prime-characteristic ring elements used in hot paths.
- `ExtensionField` - A field `EF` which is also an algebra over a field `F`.
- `Field` - A field `F`. This permits both modular fields `ℤ/p` along with their field extensions.
- `InjectiveMonomial` - A ring implements `InjectiveMonomial<N>` if the algebraic function `f(x) = x^N` is an injective map on elements of the ring.
- `Packable` - A trait to constrain types that can be packed into a packed value.
- `PackedField` - An array of field elements which can be packed into a vector for SIMD operations.
- `PackedFieldExtension` - Fix a field `F`, a packing width `W` and an extension field `EF` of `F`.
- `PackedFieldPow2` - Safety
- `PackedValue` - A trait for array-like structs made up of multiple scalar elements.
- `PermutationMonomial` - A ring implements `PermutationMonomial<N>` if the algebraic function `f(x) = x^N` is invertible and thus acts as a permutation on elements of the ring.
- `PrimeCharacteristicRing` - A commutative ring, `R`, with prime characteristic, `p`.
- `PrimeField` - A field isomorphic to `ℤ/p` for some prime `p`.
- `PrimeField32` - A prime field `ℤ/p` with order `p < 2^32`.
- `PrimeField64` - A prime field `ℤ/p` with order, `p < 2^64`.
- `RawDataSerializable` - A collection of methods designed to help hash field elements.
- `SpongePaddingValue` - Values that can act as sponge lanes for delimiter padding.
- `TwoAdicField` - A field which supplies information like the two-adicity of its multiplicative group, and methods for obtaining two-adic generators.
Functions
- `absorb_radix_bits` - Bit length of `F::ORDER_U32 - 1`, i.e. the smallest `b` with `F::ORDER_U32 - 1 < 2^b`.
- `add_scaled_slice_in_place` - Adds `other`, scaled by `s`, to the mutable `slice` using packing, or `slice += other * s`.
- `batch_multiplicative_inverse` - Batch multiplicative inverses with Montgomery’s trick. This is Montgomery’s trick. At a high level, we invert the product of the given field elements, then derive the individual inverses from that via multiplication.
- `chunked_linear_combination` - Linear combination over runtime-length slices, processing in chunks of `CHUNK`.
- `chunked_mixed_dot_product` - Compute `Σ values[i] * coeffs[i]` over `N` pairs.
- `cyclic_subgroup_coset_known_order` - Computes a coset of a multiplicative subgroup whose order is known in advance.
- `cyclic_subgroup_known_order` - Computes a multiplicative subgroup whose order is known in advance.
- `dispatch_chunked_mixed_dot_product` - Lower a runtime chunk size into a const-generic call to the fixed-chunk dot product.
- `dot_product` - Maximally generic dot product.
- `field_to_array` - Extend a ring `R` element `x` to an array of length `D` by filling zeros.
- `halve_u32` - Given an element x from a 32 bit field F_P compute x/2.
- `halve_u64` - Given an element x from a 64 bit field F_P compute x/2.
- `injective_pack_bits` - Largest `b` such that every integer in `[0, 2^b)` maps injectively into `F` via `PrimeField32::from_int`.
- `max_absorb_injective_limbs` - Maximum limbs per `PrimeField` rate slot when absorbing with radix $2^{\texttt{absorb_radix_bits::()}}$ (see `reduce_packed`).
- `max_packed_injective_limbs` - Maximum number of `PrimeField32` elements packable into `PrimeField` injectively via `reduce_packed` with the given `radix_bits` (base-$2^{radix_bits}$ digits bounded by `F::ORDER_U32 - 1`).
- `max_shifted_absorb_injective_limbs` - Maximum shifted limbs per `PrimeField` rate slot when absorbing with radix $2^{\texttt{absorb_radix_bits::()}}$ (see `reduce_packed_shifted`).
- `max_shifted_packed_injective_limbs` - Maximum number of shifted `PrimeField32` elements packable into `PrimeField` injectively via `reduce_packed_shifted` with the given `radix_bits`.
- `packed_mod_add` - Add two arrays of integers modulo `P` using packing.
- `packed_mod_sub` - Subtract two arrays of integers modulo `P` using packing.
- `par_add_scaled_slice_in_place` - Adds `other`, scaled by `s`, to the mutable `slice` using packing, or `slice += other * s`.
- `par_scale_slice_in_place` - Scales each element of the slice by `s` using packing and parallelization.
- `pf_packed_limbs_cover_order` - Returns true iff every integer in `[0, SF::order())` fits in `num_limbs` little-endian base-`2^radix_bits` digits without truncation, i.e. `2^{num_limbs · radix_bits} ≥ SF::order()`.
- `reduce_32` - Reduce a slice of 32-bit field elements into a single element of a larger field.
- `reduce_packed` - Horner-evaluate `vals` as base-$2^{radix_bits}$ digits into `TF`.
- `reduce_packed_shifted` - Horner-evaluate `vals` as base-$2^{radix_bits}$ digits into `TF`, shifting each digit by `+1`.
- `scale_slice_in_place_single_core` - Scales each element of the slice by `s` using packing.
- `split_32` - Split a large field element into `n` base-$2^{64}$ chunks and map each into a 32-bit field.
- `split_pf_to_field_order_limbs` - Split `val` into `num_limbs` little-endian base-`|TF|` limbs, each mapped into `TF`.
- `split_pf_to_packed_limbs` - Split `val` into `num_limbs` little-endian base-`2^radix_bits` limbs, each mapped into `TF`.
- `squeeze_field_order_num_limbs` - Number of `TF` limbs with statistical bias `< 1/|TF|` when decomposing a uniformly random `PF` element in base `|TF|` (see `split_pf_to_field_order_limbs`).