[Cfrg] FW: draft-irtf-cfrg-eddsa - verification signature options

Jim Schaad <ietf@augustcellars.com> Sat, 09 July 2016 23:35 UTC

Return-Path: <ietf@augustcellars.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 6CBBB12B028 for <cfrg@ietfa.amsl.com>; Sat, 9 Jul 2016 16:35:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.287
X-Spam-Status: No, score=-1.287 tagged_above=-999 required=5 tests=[RP_MATCHES_RCVD=-1.287] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id REpUw7IFFv7P for <cfrg@ietfa.amsl.com>; Sat, 9 Jul 2016 16:34:59 -0700 (PDT)
Received: from mail2.augustcellars.com (augustcellars.com []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4106F12B004 for <cfrg@ietf.org>; Sat, 9 Jul 2016 16:34:59 -0700 (PDT)
Received: from hebrews ( by mail2.augustcellars.com ( with Microsoft SMTP Server (TLS) id 15.0.1178.4; Sat, 9 Jul 2016 16:40:50 -0700
From: Jim Schaad <ietf@augustcellars.com>
To: <cfrg@ietf.org>
Date: Sat, 9 Jul 2016 16:34:27 -0700
Message-ID: <02b601d1da3a$70327b90$509772b0$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AdHaOlW0Cgr5cJ94RNeGzPsXetW9owAABDvw
Content-Language: en-us
X-Originating-IP: []
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/RdG5y2OGj3QdNCxAglPHg-XjkH8>
Resent-From: <alias-bounces@ietf.org>
Resent-To: @ietf.org
Subject: [Cfrg] FW: draft-irtf-cfrg-eddsa - verification signature options
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Jul 2016 23:35:00 -0000

Forgot to CC the research group

> -----Original Message-----
> From: Jim Schaad [mailto:ietf@augustcellars.com]
> Sent: Saturday, July 09, 2016 4:34 PM
> To: 'draft-irtf-cfrg-eddsa@tools.ietf.org'
> Subject: draft-irtf-cfrg-eddsa - verification signature options
> Please discuss the trade off so I can know which I should be implementing
> step #3 in section 5.1.7 discussing verification of signatures.
> There are two equations given for checking the result.  However, there is
> discussion of the tradeoffs between the two equations.   It appears to me
> the only difference is some extra scalar multiplication that should never
> the result, and there should be skipped for the purpose of speed.  This is
not the
> formula that is given first and I would assume has preference for some
> Jim