|
James Cloos on Fri, 17 Feb 2017 17:53:12 +0100
|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: Verifying Elliptic Curve Cryptography
|
- To: pari-users@pari.math.u-bordeaux.fr
- Subject: Re: Verifying Elliptic Curve Cryptography
- From: James Cloos <cloos@jhcloos.com>
- Date: Fri, 17 Feb 2017 11:53:03 -0500
- Copyright: Copyright 2016 James Cloos
- Delivery-date: Fri, 17 Feb 2017 17:53:12 +0100
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jhcloos.com; s=ore14; t=1487350387; bh=UcWa95O9bwEQcRCQrip3ttxoXszwtipPTRg6GUAcQVQ=; h=From:To:Subject:In-Reply-To:References:Date:From; b=JR15n6ytXZX9S76hOPDkDSGnlXhELTmoF0E5IFoBj1rtXk+9In2gOE5vRGYtWUMp8 fKW7l0hiBIra2ovG+JmySu00rseg0f5eJoRobwDAOG5tZic3BnfxSoXK2iCUhadIyt X7kG9T0q5DmztXjLHiVEiRtZtFfGy9o5LW0f8PnI=
- Face: iVBORw0KGgoAAAANSUhEUgAAABAAAAAQAgMAAABinRfyAAAACVBMVEX///8ZGXBQKKnCrDQ3 AAAAJElEQVQImWNgQAAXzwQg4SKASgAlXIEEiwsSIYBEcLaAtMEAADJnB+kKcKioAAAAAElFTkSu QmCC
- In-reply-to: <20170215225339.GA7976@math.u-bordeaux.fr> (Karim Belabas's message of "Wed, 15 Feb 2017 23:53:39 +0100")
- Openpgp: 0x997A9F17ED7DAEA6; url=https://jhcloos.com/public_key/0x997A9F17ED7DAEA6.asc
- Openpgp-fingerprint: E9E9 F828 61A4 6EA9 0F2B 63E7 997A 9F17 ED7D AEA6
- References: <m3lgt7t7iq.fsf@jhcloos.com> <20170215225339.GA7976@math.u-bordeaux.fr>
- User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.50 (gnu/linux)
All,
Thanks for that. I knew about (or at least had known about)
ellfromeqn(), but stupidly didn't think of it. :(
I did have to set parisizemax to a large value in ~/.gprc to
get ellcard() to work.
The main benefits of the modern curves are that constant time
implementations are straighforward, have reasonable performance.
Avoiding things like points at infinity helps avoid input testing.
That also means they are typically presented in Montgomery or
Edwards form. Or twists thereof. But almost never in Weierstrass.
Thanks.
-JimC
--
James Cloos <cloos@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6