Score:1

Verifiable Base Point generation via NIST SP 800-186 method


I'm looking at D.3.2 Verifiably Random Base Points of NIST SP 800-186. Looks like step 5 is there to ensure that $hashlen > bitLen(q)+1$ and (potentially) discard big $e$, so $t$ is distributed properly. However, the generation method won't work if $hashlen < bitLen(q)$ (say SHA256 and Curve448). Is there any way to fix it?


kelalaka
The step only checks that the division is not the same. You may choose a large hash like SHA-512.
pintor
@kelalaka, yes but when hashlen is smaller than qbitLen, it's an infinite loop, no? With a bigger hashlen there is no problem, but I wonder how to make it work with a smaller one