Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ristretto support #421

Open
tucnak opened this issue May 19, 2020 · 1 comment
Open

Ristretto support #421

tucnak opened this issue May 19, 2020 · 1 comment
Labels
help wanted question

Comments

@tucnak
Copy link

tucnak commented May 19, 2020

Hello,

As usual, many thanks for the most fantastic crypto construction Go library out there!

Are there any plans for Ristretto support? The group is ristretto255, which is built on top of Curve25519, so I assume this shouldn't be too hard to implement it in the current framework. Apparently, there are arguments in favour of using ristretto255, as opposed to ed25519, but I don't strictly understand what the benefits are. Am I right to assume that ristretto255 only uses 1/8 of the points, thus somehow eliminating the risk of malleability?

Cheers,
Ian
@ineiti
Copy link
Member

ineiti commented May 20, 2020

Hi Ian,

from what I know, there are currently no plans to do this. But if you want to give it a shot, I'm sure it would be accepted as a PR ;)

The *25519 groups in this library per default also only use 1/8 of the available points (and scalars), which is parametrizable using the subgroup parameter:

kyber/group/curve25519/suite.go

Line 59 in cf1d7f3

func NewBlakeSHA256Curve25519(fullGroup bool) *SuiteCurve25519 {

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@tucnak @ineiti @pierluca