Re: [CFRG] Small subgroup question for draft-irtf-cfrg-hash-to-curve

"Scott Fluhrer (sfluhrer)" <sfluhrer@cisco.com> Fri, 09 April 2021 18:26 UTC

Return-Path: <sfluhrer@cisco.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C66A43A2A1E for <cfrg@ietfa.amsl.com>; Fri, 9 Apr 2021 11:26:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -11.917
X-Spam-Level:
X-Spam-Status: No, score=-11.917 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_NONE=0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=BFWglvRU; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=RLjVckHR
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id le90Gncqiw88 for <cfrg@ietfa.amsl.com>; Fri, 9 Apr 2021 11:25:58 -0700 (PDT)
Received: from alln-iport-5.cisco.com (alln-iport-5.cisco.com [173.37.142.92]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AFDDA3A2A1C for <cfrg@irtf.org>; Fri, 9 Apr 2021 11:25:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=7320; q=dns/txt; s=iport; t=1617992758; x=1619202358; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=akx52jtYjS00YwVCNdWeRc63ozJAgHMiwSlFC619PTg=; b=BFWglvRUANzsSNlcl714nduCKspegnLV1VxmWTs4XZISI1+6a3Vmzr5I UQeI2GwKDF8/wXqvL9lAmcRfF7BK7BGlRFAKwrotg+SqmYgv7krLuy52i ITyQO6fbK5o7735nRapAQRhZeMJXNYVK9tHeycqdiObi9Z+NlKwkhWIOo o=;
X-IPAS-Result: A0DpAQDZm3BgmJBdJa1aDg4BAQEBAQEHAQESAQEEBAEBghKBIzBRflo2MQqEOINIA4U5iFeURYR2glMDVAsBAQENAQEyAgQBAYRQAheBYAIlOBMCAwEBAQMCAwEBAQEBBQEBAQIBBgQUAQEBAQEBAQFohVANhkQBAQEBAyMKEwEBNwEPAgEIEQQBARkPAwICAjAUCQgCBAENBQiCaQGBflcDLwGgdwKKH3eBMoEBggQBAQaFLBiCEwmBOYJ2hAcBAYJag3QnHIFJQoETQ4JfPoREDCgZgkg1giuCFy1uHYITlSCHaZ5ZCoMLkQCMH6RxlRWjKQIEAgQFAg4BAQaBayGBW3AVgyRQFwIOjh8LDgmDTooYQXM4AgYBCQEBAwl8iXaBEAGBDgEB
IronPort-PHdr: A9a23:Dd3pQBVCPy4H83kedQ/huVOT5evV8K0AAWYlgqEPgq9Scqml45XpN VDe4vMollLSQIHH8Jpsh+/fqaumWGEc79CGqn9ROJBPVhpQj8IQkkRgBcOeEkT0IbbsaDByB 8VNUlJpvhTZeUhYEcrzfRve93u16zNBFhD2LwEzJ+npFMjVlcvkn+y38ofYNgNPgjf1aLhuL RKw+APWsMRegYZrJqsrjBXTpX4dcOVNzmQuLlWWzH7B
IronPort-HdrOrdr: A9a23:4naaUaDT4UtjIuLlHej+tceALOonbusQ8zAX/mhLY1h8btGYm8 eynP4SyB/zj3IrVGs9nM2bUZPgfVr1zrQwxYUKJ7+tUE3duGWuJJx/9oeK+VPdMgXE3Kpm2a 9kGpIQNPTZB1J3lNu/xQG+HcopztXvytHWuc715R5WPGZXQotn6Bp0DRveN0VwShVPC5ZRLu vj2uNsoT28dXMLKvmqH3VtZZmMm/TntrLDJSQHCRku9RWUgVqTiILSPhCE0n4lIkhy6Jg492 ytqX2d2oyCtLWBxgbYxyvv6f1t6afc4/9iIODJtcQPMDXrjW+TFcVccpmPpio8ru3qyHtCqq i3nz4aM85+62zccwiOyHOHsWSNoVVeiUPK8lOWjWDupsb0XlsBerd8rLhEeRjU4VdIhqAb7I t33nmUv5cSLRTMkDWV3amxazhWl1G5qXdnrOgLj3Y3a/pmVJZtq+UkjSdoOaZFOBi/xJEsEe FoAs2Zzu1Ra0mmY3fQuXQq6MCwX1wody32AnQqi4iw6Xx7jXp5x0wXyIg0hXEb7q8wTJFC+q DtLrlorrdTVcUbBJgNR9spcI+SMCjgUBjMOGWdLRDMD6ccIU/ArJbx/fET6Py1focLiL8/go 7IXl8dlWNaQTOtNeS+mLlwtjzdSmS0WjrgjutE4YJih7H6TL33dSKZTlQjlNahvuUfDsXXV+ 3bAuMTP9bTaU/VXapZ1Qz3XJdfbVMEVtcOh9o9U1WS5sLHQ7ea8dDzQbL2Hv7AADwkUmTwDj 8oRz7oPvhN6UitRzv9iBjVUHX9Z1zn8ftLYe7n1tlW7LJIGpxHswATh1j8zNqMMyd+vqs/e1 Y7JqjmnKO9rWy/5n3J8G1tJxpYAi9ukfDdekIPgTVPH1L/cL4FtdnaU3tVxmG7Khh2SN6TDB RSvE1t+aW8L4WZwCcrD97PCBPCs1Ij4FaxC7sMkKyK4snoPq4iBpE9QaprCEHgDBpugztnr2 9FdS4JTkLSDSnVlK2glZAYbduvL+VUsUOOG4p0oWianViArcsvL0FrLgKGYIqyu0ISYBZ6wn d26LQShbKcny3HExpOvM0IdHtWaGqWB7paCh+if4s8oMGxRChACUGXmDedlxY/Pk3t+kl6vB 29EQSkPdfWH1FapndUlpzPzWoxXGCcc0VsA0oK67FVHXjau3p1zO+Abrey1WzUcVcZ3uQBKl j+EEgvCxIryNat2BGPnjGeUX0g25U1J+TYSK8uarfJxxqWWcC1vLBDG/9f55B+Mt/y9ucNTO KEYgeQRQmIQN8BykiQpnw/PjNzp2RhmfT02Af95Gz92HIkG/LdLBBnQL4cSuvspVTMVrKN0J 9ji8gysvb1OmLtasSewaWSdiVdMHro0BiLZvBtrYoRsbM5tbN1EZWeWTzU1Gtf1BF7KMvvjk sRTKly/bipAP4iQ+UCPyZCulY5ntWGK0Um9hb7BeIzZlkhhX7WNdHh2cuBlZM/Rkma4AfgM1 iW9CNQu+rfVyyYzLgAFuY+J39VZEVU0gUswMqSM4nLTAOkeOFI8ADkbjuzcLpBRLOEHrtVpB Bg+N2Ml/KWcS292A24h0oOHotet2K8BcW1C0aQHOQN9dqwM1GFmLGr786+ly2fc0rzV20IwY leMVUNZcFCgCQ4hII50iKuWrX6y3hV5md28HVijBrxwYCo72fQAFFePQDYiptQWyNPMnLgt7 WzzcGIkHLn4DZE3pHfFEBfOtFWcuJgPLTKEw==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.82,210,1613433600"; d="scan'208,217";a="694973301"
Received: from rcdn-core-8.cisco.com ([173.37.93.144]) by alln-iport-5.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 09 Apr 2021 18:25:57 +0000
Received: from mail.cisco.com (xbe-rcd-002.cisco.com [173.37.102.17]) by rcdn-core-8.cisco.com (8.15.2/8.15.2) with ESMTPS id 139IPvsw012679 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=OK); Fri, 9 Apr 2021 18:25:57 GMT
Received: from xfe-rcd-001.cisco.com (173.37.227.249) by xbe-rcd-002.cisco.com (173.37.102.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.3; Fri, 9 Apr 2021 13:25:57 -0500
Received: from xfe-rcd-004.cisco.com (173.37.227.252) by xfe-rcd-001.cisco.com (173.37.227.249) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.3; Fri, 9 Apr 2021 13:25:57 -0500
Received: from NAM12-MW2-obe.outbound.protection.outlook.com (72.163.14.9) by xfe-rcd-004.cisco.com (173.37.227.252) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.3 via Frontend Transport; Fri, 9 Apr 2021 13:25:57 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QwEnDuh11+uIV/K5E8i6u1NH9pxdu9D5tRu6uHVH+SvffOeMuz78Tm3myqAZah4DWlFKB7APymPlZAaIzr96Z1FoATOmPsZPmYnJB+CjVeoDYRAnULCr59gFD7KkIWSCdY4FesC4rvynZ+kVsNoOrCXBUgwuLigfg9DA9Cz2GQNGzH64xVcmhqZJmtBfLsqgGu6owDtj+TUDVmwWAYSqOjHvl6akrYhSsPM7EjfxxAWPXLV1gxeFygzQYqM8dGo6mdql5x9cpYsC64igMiU/XYzQn3hu3DoHqjTQHe27SdYHX7B3ZzICryO0TflX4ySBhGsILhWcv7iI70CEyz0EXw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=akx52jtYjS00YwVCNdWeRc63ozJAgHMiwSlFC619PTg=; b=jYZz45BwDQsEcCLKlXuuywq8hnEc6BUKPdio3eOw/022rdqqMf4Mee1qz8+RoGmSlLeElfAT4k9LjxM22x0tjrEQNIYwrIOp/zaeOGrWugh1WNUykeLHNYSgN/cqjhknBtAvXTxfqOjCfHbvZorfuwrBABliSEqurvqWxxNNQmH7DuePcfYe6/PpsL2qI3BPthRP+mb7ZGpEnQ+UjWLhT9wzGZlJXoGsSILuGqpbaYtNisf175bH4p95dkn4kZAmMmafuTFWE0OI7xf9KrgQgnlKfauxctQyU2Ba82m51RN69OniuXT2UhwTWIWf8RhFkbpMtPT7ZqYXwScxOySBkg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=akx52jtYjS00YwVCNdWeRc63ozJAgHMiwSlFC619PTg=; b=RLjVckHRmEfjhADylpTtxbRo7l11FIVDOJGPqUl+zIZV+5VWtwXdE98+r1uoVO6dohP0il+zWrgacNAZGNRexKKBlYwudrT2YQXRs/VA0RutIhstOCKKbQYFEWeq9g4BzVhzxZdPfqtTYQEEUToECkIEZZJwkG8khd7/bCbCXAw=
Received: from BN7PR11MB2641.namprd11.prod.outlook.com (2603:10b6:406:b1::25) by BN6PR1101MB2132.namprd11.prod.outlook.com (2603:10b6:405:5b::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4020.21; Fri, 9 Apr 2021 18:25:54 +0000
Received: from BN7PR11MB2641.namprd11.prod.outlook.com ([fe80::4543:b45a:9f32:bde0]) by BN7PR11MB2641.namprd11.prod.outlook.com ([fe80::4543:b45a:9f32:bde0%7]) with mapi id 15.20.3977.038; Fri, 9 Apr 2021 18:25:54 +0000
From: "Scott Fluhrer (sfluhrer)" <sfluhrer@cisco.com>
To: "Scott Fluhrer (sfluhrer)" <sfluhrer=40cisco.com@dmarc.ietf.org>, Mike Hamburg <mike@shiftleft.org>, "Hao, Feng" <Feng.Hao@warwick.ac.uk>
CC: CFRG <cfrg@irtf.org>
Thread-Topic: [CFRG] Small subgroup question for draft-irtf-cfrg-hash-to-curve
Thread-Index: AQHXLUacM7sBZ3ZdE0a+hIjdr1H+CqqsQ0gAgAADtICAABZvgIAAC3EAgAATDWCAAARIcA==
Date: Fri, 09 Apr 2021 18:25:53 +0000
Message-ID: <BN7PR11MB264116DF63B9930B6C421DEEC1739@BN7PR11MB2641.namprd11.prod.outlook.com>
References: <e270e62d-941d-0a87-7dc9-cf80f73b5aeb@jacaranda.org> <d0778523-5f5d-4327-b795-279918c1899c@www.fastmail.com> <CAMr0u6=PBX1W5zQFmpxKQ=ViUXN9QK00BREL4M0=2HOkaXaiZw@mail.gmail.com> <VI1SPR01MB03573585C37B871D200ECC23D6739@VI1SPR01MB0357.eurprd01.prod.exchangelabs.com> <4590aaa512acf5a482c9890ebe48f1760e5831a5.camel@loup-vaillant.fr> <F9593D27-3244-470E-89BE-85215B2DC9E7@shiftleft.org> <VI1SPR01MB0357AE729116A79C8DF70516D6739@VI1SPR01MB0357.eurprd01.prod.exchangelabs.com> <6F4F0566-3465-4C9C-8993-1B3FDFDDD792@shiftleft.org> <BN7PR11MB26410E0EB14DFE5DFB4B4F6EC1739@BN7PR11MB2641.namprd11.prod.outlook.com>
In-Reply-To: <BN7PR11MB26410E0EB14DFE5DFB4B4F6EC1739@BN7PR11MB2641.namprd11.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dmarc.ietf.org; dkim=none (message not signed) header.d=none;dmarc.ietf.org; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [173.38.117.73]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 407c370b-77aa-4d3d-1d7a-08d8fb84e94d
x-ms-traffictypediagnostic: BN6PR1101MB2132:
x-microsoft-antispam-prvs: <BN6PR1101MB2132E29EC5FD1B588A0F7CB0C1739@BN6PR1101MB2132.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:7691;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: SWfd3d7mQYeKmDztTObDfQV/uy2cmjeFbOS8c6wT6NDqmBafg1gA9ACGxawIKR6EVs5uXE/JmMug6rYtkzxVl2Aj+FS63taCIeFybojP2qjBZRc/Hq9Px+aMoD1LJ+ZWE8taThdqYZbjxrbZKNtHQkjjM87XUiRLYkogYToAJii916xyvtx+sH3t2u8el2RBsFhWt+tA1YveOrLfpUDNlNvLJKLt6LZ5efTrVophIMu3uSwgQJ2aF3BGExbMwHpgbE3NuX1RRqrv1ZmUlZt/A5/6CB49yFIh1lZ5ROQ++r4ZmGvuyjvCntJmE0FmSMw3YdgOTPYKRFqpalhA/a2K2u/ytoc/EB9/cGaNrHJZTyrJ91q4mObJQLgJISAJ94AvV8XjRwgfX9XQfyFECenmLj+t08mEIp5PN90kalrw2B5gr5HhXTexel3+I0cJh80LIBY5xJ7nfRqHhiafefjJil077jM1BLXsaque7MYcKpgEdaXgpLu5plAbUaz/Dxq1B7trqL4WWHP1/EifunKFCBnB7DLjcm7ivtW2bHj316lHJKbsP2eKKgQg63r7M0U+u7MNysWVELI+SdrkIGYA8eTh/m7J1YKaVGNA8diYTe3JDSizW6u3ndVLbG6TDyzOScivCConntbGHqWJxpVuqC/F/XnKepDrH/qQjEXu3DM=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN7PR11MB2641.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(136003)(396003)(346002)(39860400002)(376002)(366004)(38100700001)(83380400001)(2940100002)(8676002)(186003)(33656002)(71200400001)(5660300002)(2906002)(478600001)(55016002)(66446008)(66476007)(7696005)(9686003)(110136005)(64756008)(76116006)(66946007)(86362001)(4326008)(6506007)(53546011)(66556008)(26005)(52536014)(316002)(8936002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: ch4sW7tlmfrGWthy1v+9yZThOFbLksdEhp8NA8uioT04N7XYXeN417l1RgzBQgM5JsbKwOm9ruMh+4SvyO74y84gJe4gPQqez/7WgwUqBzO7+YI/fO2ckpblFsEcf7LaJdB+jnNllYIhc2A5BFlovH69/b2/BdI/9SYlC6fEMFSopXZPJGwKdOzAEVUiYhnqoWtkgB9/0ABwdtYsTCjubsPg2X/c73NU7A5yVvWcw3m6/v0pOTf8Q8xybGg4awj3NQNNypqQL2lRf33tFGjQ8NtV5LNEzfjpaOxLHxCjzgRJ4xkdOzHmuSaIjEQxy6nto/T7yeyh3p/vThS9AQoeIUMuvtX6JDw3OQGoRgfGE9QbuA+8R6I4sc+mVOQpvdYfCy7II0xfvoxzBrUQlqXTJ5PZWKCP3j37cl+VdIDISQzJotQEECJ08bV5nBZ4E8QvwjHJn2aM/7svk2G/ZyDFwbTxhKC8pLyAOQCRrBfaCanvBt1+sNFuZLxfB3q7DfPugqp/+p96Ggka8miSoKnJr4gGHs+L66nmRXTtKtygmWxZf/D/oMgGbp1DMhQG0jePvTjvo9AtshpvVlM7BRFPz42TeW2jEKUB7259NPYSsYRp4X/chuOxwotK3NKa4xxclgsyncnL5F1C23xam+aAkBhIxEwCMcdQBsK5PzeMKbeO6woaECiC1byy9jJF9RV2yMVXGl6LdzZOQESpIa2Hvw7bU1vrWfg5q3iFQqQAyFu+BrkSXQ8JTvIhhu5gPoPSNtHDvx/X6ZB4oTUZYN4Zb+MpGT2OIsSpP4slAMCCKgGnaj7u8Vq4NDR1fsBNS6JFHu3j2QNUTZstyO2IxJ7p87JZDRDbZWysfoxB9iWbRVgB+JJam65x5tgAAJQnehfhfknqEiaRona6GxrTmq6g/0HdMMj4B3CWrywmy8lmeHjSjhVY4QxQx+yFK3c3jPjkuIBKuihKvgEOQiNPy3Bd3lnlcHcZibq6EYYsIgkv1i82X5YHBvGOgNn0RZcCMFTWMXBrHSXs0SJXDjyGz9lYi7c1aUYmq7A1V8eWSIFzxKv9JTTlszxt+GgeSYoxajr0ZAN/WxaIihImu8vKGx6Wt6bQl2BnDCD4BgNe53mfXLbag50Aglu0LWQHeXAR7Crp2IuRDHYSQrUmSFjTyODrR370MAmAjw0ET8KzdENuex6St35FmLD+BMRzD2rN55ta8iCBxw+vuusUKJv7tCN7QZgD4iaA4SxedAea5LNsdZvh743vzLZQkWm0HkoMoQP0EsiuXakWTEXLL782omTMSWFk9D3DuclSnuOeB5Yjj4afl9JoryQbc4pyFGru04Bk
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_BN7PR11MB264116DF63B9930B6C421DEEC1739BN7PR11MB2641namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN7PR11MB2641.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 407c370b-77aa-4d3d-1d7a-08d8fb84e94d
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Apr 2021 18:25:54.0035 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: xRmqp1zRv+msq1B9h1ciA7IZyR2CYXjbHNJS54mAIr50lG34GBmh6OuHDWtxN+nQ8oxC6MyzUY7yV0mJJ9iXdg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR1101MB2132
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.17, xbe-rcd-002.cisco.com
X-Outbound-Node: rcdn-core-8.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/sUugSEfQZ78iiWCKSmg3cRqpf60>
Subject: Re: [CFRG] Small subgroup question for draft-irtf-cfrg-hash-to-curve
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Apr 2021 18:26:05 -0000

Correction: Opaque does use a hash-to-curve operation (used to translate the password into an elliptic curve point); if it happens to translate a specific password to a low order point, then that specific password is easy to test for; however there are no other implications…

From: CFRG <cfrg-bounces@irtf.org> On Behalf Of Scott Fluhrer (sfluhrer)
Sent: Friday, April 9, 2021 2:17 PM
To: Mike Hamburg <mike@shiftleft.org>; Hao, Feng <Feng.Hao@warwick.ac.uk>
Cc: CFRG <cfrg@irtf.org>
Subject: Re: [CFRG] Small subgroup question for draft-irtf-cfrg-hash-to-curve

Opaque doesn’t use a hash-to-curve operation.

CPace does; it also automatically aborts (fails) if the hash-to-curve operation happens to return a low order point (that is, a point that, after multiplying by the cofactor, is the neutral element).

From: CFRG <cfrg-bounces@irtf.org<mailto:cfrg-bounces@irtf.org>> On Behalf Of Mike Hamburg
Sent: Friday, April 9, 2021 1:00 PM
To: Hao, Feng <Feng.Hao@warwick.ac.uk<mailto:Feng.Hao@warwick.ac.uk>>
Cc: CFRG <cfrg@irtf.org<mailto:cfrg@irtf.org>>
Subject: Re: [CFRG] Small subgroup question for draft-irtf-cfrg-hash-to-curve

I don’t know if the same holds for OPAQUE or CPace: for all I know, they may have specification holes and/or end in failure in that case.