@jedisct1 Would you be open to add scalar * scalar operation to the new fields ops in libsodium? eg. crypto_core_ed25519_scalar_mul(z, x, y) where z = x*y mod l
Looks like I didn’t pay attention to the end of your tweet. core_ed25519_scalar_mul() or core_ed25519_scalar_mult() are probably okay.
-
-
Cool! I can make a PR? My use-case is I have published a PK, and I want someone else to be able to make a "sub PK" from that for which only I can recover the SK. So they generate `y`, do `y*PK` and I get y (maybe output of a hash with appropriate clamping). I can then do y*SK
-
Sure! A PR would be very appreciated! Don’t forget the Ristretto equivalent, and a couple test cases including 0, scalars >= L, and maybe a check that r*(x/r) = x.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.