-
Notifications
You must be signed in to change notification settings - Fork 470
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hash to curve as defined in the standard #377
base: main
Are you sure you want to change the base?
Conversation
The current implementation is not compatible with the current definition of the standard. This PR provides a hash-to-curve implementation as defined in draft-irtf-cfrg-hash-to-curve-12. * Implementation of `hash_to_field` as defined in the standard * Implementation of `hash_to_curve` as defined in the standard, by changing the mechanism over which we chose the sign. * For the point above, had to change the `elligator_encode` to return whether `eps` is a square or not (required for `hash_to_curve`). * Included test vectors of the draft. * Included `FieldElement::from_bytes_wide(bytes: &u8; 64])` to reduce integers encoded in 64 bytes.
I see in #438 that the function |
Yes, thank u for following up. I do want to merge this but I haven't gotten a chance to do a proper review. We really need to get to a 4.0 release, so I think this might have to wait until 4.1. Thank you so much for this contribution. I promise it will get the attention it deserves. |
Great, thanks! And whenever you think you have time, you can ping me here, and I'll rebase (as there's been some changes in the hashing functions) and make sure it follows the latest version of the standard 👍 Thanks for working on this 🙏 |
It would also be interesting if someone could attempt to impl the |
Happy to do it 👍 given that there is no rush, I should be able to dedicate a few cycles in a reasonable amount of time. |
The current implementation is not compatible with the current definition of the standard. This PR provides a hash-to-curve implementation as defined in draft-irtf-cfrg-hash-to-curve-12.
hash_to_field
as defined in the standardhash_to_curve
as defined in the standard, by changing the mechanism over which we chose the sign.elligator_encode
to return whethereps
is a square or not (required forhash_to_curve
).FieldElement::from_bytes_wide(bytes: &u8; 64])
to reduce integers encoded in 64 bytes.