
Secure hashing to curve per RFC9380 #169

Merged
merged 5 commits into from
Oct 29, 2024
Merged

Conversation

iaik-jheher
Collaborator

RFC. This is needed for lots of advanced cryptography, including OPRFs and OPAQUE. Probably a good thing to have in one place.

Note: side channel security relies on the underlying BigInteger implementation being constant time. I have my doubts whether our underlying BigInteger is constant time.

@iaik-jheher iaik-jheher changed the base branch from main to development October 24, 2024 19:20
@JesusMcCloud
Collaborator

I hate to overcomplicate things, but I really think we need some additional interface on an elliptic curve class to denote which ones work for our current EC math and which ones don't. Currently, all curves work, but this will change in the future. If we add this now, it's harder to shoot your future self in the foot.

@iaik-jheher
Collaborator Author

Yes, I've thought about this as well; it would mean refactoring the ECCurve enum as a sealed interface tree of objects.

I don't think this is relevant to this PR though; it would be a separate refactor
(we will need this anyway when we add pairing curves etc.)

Collaborator

@JesusMcCloud JesusMcCloud left a comment

I know the snake_case function names come from the RFC, but still: please use CamelCase (but feel free to add the snake_case names into the apidocs). Yes, even for private functions.


@iaik-jheher
Collaborator Author

Made the requested changes.

- RFC9380.expand_message_xmd
- RFC9380.map_to_curve_simple_swu

They are sometimes used as components in other constructions.
Collaborator

@JesusMcCloud JesusMcCloud left a comment


🙂

@iaik-jheher iaik-jheher merged commit 3b57c3d into development Oct 29, 2024
7 checks passed
@iaik-jheher iaik-jheher deleted the feature/rfc9380 branch October 29, 2024 12:13
JesusMcCloud pushed a commit that referenced this pull request Nov 7, 2024