Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Modify the range of the sampled random in П^{enc}? #86

Open
fjarri opened this issue Nov 22, 2023 · 0 comments
Open

Modify the range of the sampled random in П^{enc}? #86

fjarri opened this issue Nov 22, 2023 · 0 comments
Labels
cryptography Needs cryptographic expertise
Milestone
v1.0.0

Comments

@fjarri
Copy link
Member

fjarri commented Nov 22, 2023

П^{enc} (Fig. 14) prescribes sampling alpha from [-2^(l+eps), 2^(l+eps)]. Also takes an argument k in [-2^l, 2^l] and generates the challenge e in [-q, q] (where q is the curve order, with q < 2^l). Then, on the verifier side one of the checks is if alpha + e * k is in [-2^(l+eps), 2^(l+eps)].

Since e and k are externally determined (by arguments to the proof), would it be safe to generate alpha in a way that it won't fail that range check? That is, sample alpha from [-2^(l+eps) - e * k, 2^(l+eps) - e * k] instead?
@fjarri fjarri added the cryptography Needs cryptographic expertise label Nov 22, 2023
@fjarri fjarri added this to the v1.0.0 milestone Nov 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
cryptography Needs cryptographic expertise
Projects
None yet
Milestone
v1.0.0
Development

No branches or pull requests
1 participant
@fjarri