Verifiable Base Point generation via NIST SP 800-186 method

pintor

8/7/23, 4:47 PM

I'm looking at D.3.2 Verifiably Random Base Points of NIST SP 800-186. Looks like step 5 is there to ensure that $hashlen > bitLen(q)+1$ and (potentially) discard big $e$, so $t$ is distributed properly. However, the generation method won't work in if $hashlen < bitLen(q)$ (say SHA256 and Curve448). Is there any way to fix it?

0 + 0

elliptic-curves

nist

kelalaka

8/7/23, 6:43 PM

The step only checks that the division is not the same. You may choose a large hash like SHA-512.

pintor

8/8/23, 8:10 AM

@kelalaka, yes but when hashlen is smaller than qbitLen, it's an infinite loop, no? With a bigger hashlen there is no problem, but I wonder how to make it work with a smaller one

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Verifiable Base Point generation via NIST SP 800-186 method

TH: การสร้างจุดฐานที่ตรวจสอบได้ด้วยวิธี NIST SP 800-186

RO: Generare de puncte de bază verificabile prin metoda NIST SP 800-186

RU: Поддающаяся проверке генерация базовой точки с помощью метода NIST SP 800-186

VI: Tạo Điểm cơ sở có thể kiểm chứng thông qua phương pháp NIST SP 800-186

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.