mirror of https://github.com/zcash/zips.git
Define DiversifyHash.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
parent
ebecd8c1ff
commit
42506f08bd
|
@ -84,6 +84,9 @@ Most of the notation and functions used in this ZIP are defined in the Sapling p
|
||||||
- ToScalar(*x*) := LEOS2IP\ :sub:`512`\ (*x*) (mod *r*\ :sub:`J`\ ), where *r*\ :sub:`J` \ is the order
|
- ToScalar(*x*) := LEOS2IP\ :sub:`512`\ (*x*) (mod *r*\ :sub:`J`\ ), where *r*\ :sub:`J` \ is the order
|
||||||
of the Jubjub large prime subgroup.
|
of the Jubjub large prime subgroup.
|
||||||
|
|
||||||
|
- DiversifyHash(*d*) maps a diversifier *d* to a base point on the Jubjub elliptic curve, or to ⊥ if the
|
||||||
|
diversifier is invalid. It is instantiated in [#sapling-spec]_ section 5.4.1.6.
|
||||||
|
|
||||||
The following algorithm standardized in [#NIST-SP-800-38G]_ is used:
|
The following algorithm standardized in [#NIST-SP-800-38G]_ is used:
|
||||||
|
|
||||||
- FF1-AES256.Encrypt(*key*, *tweak*, *x*) refers to the FF1 encryption algorithm using AES with a
|
- FF1-AES256.Encrypt(*key*, *tweak*, *x*) refers to the FF1 encryption algorithm using AES with a
|
||||||
|
|
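Review bot: In the added DiversifyHash entry, the result is described only as "a base point on the Jubjub elliptic curve", while the ToScalar entry just above it speaks of the Jubjub large prime subgroup; state explicitly whether the returned point lies in that subgroup, since a reader cannot tell from this wording. The entry also leaves the type and length of *d* unstated (ToScalar fixes its input width through LEOS2IP 512), and it introduces ⊥ as a possible result, so each place in the ZIP that calls DiversifyHash should say what happens on ⊥. Citing the spec by section title as well as by "section 5.4.1.6" would keep the reference valid if the spec is renumbered.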