@jedisct1 Would you be open to adding a scalar * scalar operation to the new field ops in libsodium? E.g. crypto_core_ed25519_scalar_mul(z, x, y) where z = x*y mod l
Replying to @emilbayes
Looks like I didn’t pay attention to the end of your tweet. core_ed25519_scalar_mul() or core_ed25519_scalar_mult() are probably okay.
Replying to @jedisct1
Cool! I can make a PR? My use-case is I have published a PK, and I want someone else to be able to make a "sub PK" from that for which only I can recover the SK. So they generate `y`, do `y*PK` and I get y (maybe output of a hash with appropriate clamping). I can then do y*SK
Replying to @emilbayes
Sure! A PR would be very appreciated! Don’t forget the Ristretto equivalent, and a couple test cases including 0, scalars >= L, and maybe a check that r*(x/r) = x.
10:46 AM - 7 Mar 2019
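The sub-key idea and the suggested test cases from the thread, as an added example that is not part of the thread and is not libsodium's code: a pure-Python model of z = x*y mod l on 32-byte little-endian scalars, checked against Ed25519 point arithmetic. The names `scalar_mul`, `scalar_invert` and `derive_demo` are hypothetical, the secret and tweak are constructed values, and clamping is left out.

```python
import hashlib

P = 2**255 - 19                                      # field prime
L = 2**252 + 27742317777372353535851937790883648493  # order of the base point
D = -121665 * pow(121666, P - 2, P) % P              # Edwards curve constant d

def inv(a):
    return pow(a, P - 2, P)

def recover_x(y):  # even x satisfying -x^2 + y^2 = 1 + d*x^2*y^2
    xx = (y * y - 1) * inv(D * y * y + 1) % P
    x = pow(xx, (P + 3) // 8, P)
    if (x * x - xx) % P:
        x = x * pow(2, (P - 1) // 4, P) % P
    return P - x if x & 1 else x

BY = 4 * inv(5) % P
B = (recover_x(BY), BY)                              # standard Ed25519 base point

def add(p1, p2):
    (x1, y1), (x2, y2) = p1, p2
    t = D * x1 * x2 * y1 * y2 % P
    return ((x1 * y2 + x2 * y1) * inv(1 + t) % P,
            (y1 * y2 + x1 * x2) * inv(1 - t) % P)

def point_mul(k, pt):
    acc = (0, 1)                                     # identity element
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def scalar_mul(x: bytes, y: bytes) -> bytes:  # z = x*y mod L; inputs >= L reduce
    z = int.from_bytes(x, "little") * int.from_bytes(y, "little") % L
    return z.to_bytes(32, "little")

def scalar_invert(r: bytes) -> bytes:
    r_int = int.from_bytes(r, "little") % L
    if r_int == 0:
        raise ValueError("0 has no inverse mod L")
    return pow(r_int, L - 2, L).to_bytes(32, "little")

def derive_demo():
    # Constructed inputs: owner's secret scalar and the other party's tweak y.
    sk, y = (hashlib.sha256(s).digest() for s in (b"owner secret", b"tweak"))
    pk = point_mul(int.from_bytes(sk, "little") % L, B)
    sub_pk = point_mul(int.from_bytes(y, "little"), pk)   # other party: y*PK
    sub_sk = scalar_mul(y, sk)                            # owner: y*SK mod L
    return sub_pk, point_mul(int.from_bytes(sub_sk, "little"), B)
```

The two points returned by `derive_demo()` are equal because PK lies in the prime-order subgroup, so reducing y*SK mod L does not change the resulting point.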