Re: [CFRG] I-D Action: draft-irtf-cfrg-hash-to-curve-16.txt

Jeff Burdges <burdges@gnunet.org> Tue, 10 January 2023 12:25 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/bXd5R1qvvgeGKunr88LrMxpOvPU>

Appears hash_to_field and expand_message should not involve an arbitrary
counter.  Instead, they should either (a) be specified in terms of some
squeeze behavior, or else (b) have the counter restricted somehow.  I'm
sure (b) suffices since hash_to_field needs a counter of only one or
two. 

In fact, you could merely say the counter is a constant, not a runtime
variable.  An implementation that uses a constant is then compliant,
while an implementation that uses a runtime variable "exceeds" the spec,
which is fine.

As is, this adds implementation complexity for platforms without a
dynamic allocator, à la https://github.com/arkworks-rs/algebra/issues/572

Best,
Jeff



On Jun 15 2022, at 8:43 am, internet-drafts@ietf.org wrote:

> 
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Crypto Forum RG of the IRTF.
> 
>        Title           : Hashing to Elliptic Curves
>        Authors         : Armando Faz-Hernandez
>                          Sam Scott
>                          Nick Sullivan
>                          Riad S. Wahby
>                          Christopher A. Wood
> 	Filename        : draft-irtf-cfrg-hash-to-curve-16.txt
> 	Pages           : 175
> 	Date            : 2022-06-15
> 
> Abstract:
>   This document specifies a number of algorithms for encoding or
>   hashing an arbitrary string to a point on an elliptic curve.  This
>   document is a product of the Crypto Forum Research Group (CFRG) in
>   the IRTF.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-irtf-cfrg-hash-to-curve/
> 
> There is also an HTML version available at:
> https://www.ietf.org/archive/id/draft-irtf-cfrg-hash-to-curve-16.html
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-irtf-cfrg-hash-to-curve-16
> 
> 
> Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts
>
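
An added example, not part of the message above or of the draft's own code: expand_message_xmd over SHA-256 with the block counter capped by a constant, writing into a fixed caller-supplied buffer and keeping only b_0 and the previous block, which is the shape option (b) in the message allows. The function names, `MAX_ELL = 8` (enough for 256 output bytes) and the sample DST are assumptions made for this illustration.

```python
import hashlib

B_IN_BYTES = 32                  # SHA-256 output size
S_IN_BYTES = 64                  # SHA-256 input block size
MAX_ELL = 8                      # assumed constant cap on the counter (the draft allows up to 255)
MAX_OUT = MAX_ELL * B_IN_BYTES   # size of the one fixed output buffer
SCRATCH = bytearray(MAX_OUT)     # allocated once, reused for every call


def ell_for(len_in_bytes):
    """Blocks needed by expand_message_xmd: ceil(len_in_bytes / b_in_bytes)."""
    return (len_in_bytes + B_IN_BYTES - 1) // B_IN_BYTES


def expand_message_xmd_bounded(msg, dst, len_in_bytes, out):
    """Fill out[:len_in_bytes] with uniform bytes; never grows any buffer."""
    ell = ell_for(len_in_bytes)
    if ell > MAX_ELL or len(dst) > 255 or len(out) < len_in_bytes:
        raise ValueError("request exceeds the fixed bound")
    dst_prime = dst + bytes([len(dst)])
    h = hashlib.sha256(bytes(S_IN_BYTES))        # Z_pad
    h.update(msg)                                # msg is streamed, not copied
    h.update(len_in_bytes.to_bytes(2, "big") + b"\x00" + dst_prime)
    b_0 = h.digest()
    prev = bytes(B_IN_BYTES)     # b_0 XOR zeros == b_0, so i = 1 needs no special case
    for i in range(1, ell + 1):
        mixed = bytes(x ^ y for x, y in zip(b_0, prev))
        prev = hashlib.sha256(mixed + bytes([i]) + dst_prime).digest()
        start = (i - 1) * B_IN_BYTES
        n = min(B_IN_BYTES, len_in_bytes - start)
        out[start:start + n] = prev[:n]          # same-length slice write
    return len_in_bytes


def demo():
    # Constructed input: 96 bytes is count * m * L = 2 * 1 * 48, so ell = 3.
    dst = b"EXAMPLE-V01-CS02-with-expander-SHA256-128"
    n = expand_message_xmd_bounded(b"abc", dst, 96, SCRATCH)
    return bytes(SCRATCH[:n]).hex()


if __name__ == "__main__":
    print(demo())
```
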