mirror of https://github.com/zcash/zips.git
NCC audit: Document that the choice of nonsquare for λ_G in \crossref{concretegrouphashpallasandvesta} makes no difference to the output of map_to_curve_simple_swu.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
parent fa2b1c6ce9
commit a68c7d24d0
|
@ -10677,6 +10677,8 @@ Define $\sqrtratioG(\num, \xdiv) \typecolon \GF{\ParamG{q}} \times \GFstar{\Para
|
||||||
\vspace{-1ex}
|
\vspace{-1ex}
|
||||||
\begin{nnotes}
|
\begin{nnotes}
|
||||||
\item An arbitrary square root may be chosen in either case of the definition. The result is never $\bot$.
|
\item An arbitrary square root may be chosen in either case of the definition. The result is never $\bot$.
|
||||||
|
\item The choice of the nonsquare $\ParamG{\lambda}$ is also arbitrary and will not affect the output
|
||||||
|
of $\maptocurvesimpleswuIsoG$ defined below.
|
||||||
\item The computation of $\sqrtratioG$ can be optimized as described in \todo{}.
|
\item The computation of $\sqrtratioG$ can be optimized as described in \todo{}.
|
||||||
\end{nnotes}
|
\end{nnotes}
|
||||||
|
|
||||||
|
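Review bot: The added \item asserts that the choice of $\ParamG{\lambda}$ "will not affect the output of $\maptocurvesimpleswuIsoG$" without giving a reason or a reference, and because it sits in the notes for $\sqrtratioG$ directly after the square-root item, "also arbitrary" can be read as saying the result of $\sqrtratioG$ itself does not depend on $\ParamG{\lambda}$. Suggest stating explicitly which output is and is not affected, adding a one-sentence justification, and replacing "defined below" with a \crossref to the section that defines $\maptocurvesimpleswuIsoG$, in the way the change-history entry of this same commit uses \crossref{concretegrouphashpallasandvesta}.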
@ -13970,6 +13972,9 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}.
|
||||||
in $\hashtofield$ is intentional, despite the \pallasCurve only having
|
in $\hashtofield$ is intentional, despite the \pallasCurve only having
|
||||||
$126$-bit conjectured security against generic attacks.
|
$126$-bit conjectured security against generic attacks.
|
||||||
\item Correct the output type of $\sqrtratioG$.
|
\item Correct the output type of $\sqrtratioG$.
|
||||||
|
\item Document that the choice of nonsquare for $\ParamG{\lambda}$ in
|
||||||
|
\crossref{concretegrouphashpallasandvesta} makes no difference to the
|
||||||
|
output of $\maptocurvesimpleswuIsoG$.
|
||||||
\item Make the naming of $\enableSpends$ and $\enableOutputs$ consistent.
|
\item Make the naming of $\enableSpends$ and $\enableOutputs$ consistent.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\item Correct the description of $\lengthField$ in \crossref{unifiedpaymentaddrencoding}.
|
\item Correct the description of $\lengthField$ in \crossref{unifiedpaymentaddrencoding}.
|
||||||
|
|
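Review bot: The new change-history \item words the claim differently from the note it records: it says the choice "makes no difference" and speaks of the "nonsquare for $\ParamG{\lambda}$", where the note says "will not affect" and "the nonsquare $\ParamG{\lambda}$". Aligning the two wordings would make the entry easier to match to the text. The commit subject attributes this change to the NCC audit, which the entry does not record; if the change history is meant to track audit-driven changes, mention that here.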