[curves] Scalar decomposition for FourQ
Chiraag Juvekar
chiraag.juvekar at gmail.com
Sat Mar 25 12:49:50 PDT 2017
Hi all,
I had a question about the scalar decompositions in FourQ and I was not
sure on who to ask. I hope that it is not out of place for this mailing
list. I wanted to avoid implementing the scalar decomposition logic for a
low-resource implementation. I was wondering if it is secure to directly
select the decomposed scalar as 4 random 64-bit numbers when running DH on
FourQ? I know for example that this is true in the context of \tau-adic
expansions for Koblitz curves where we can pick a random \tau-NAF directly
instead of implementing a converter.
--
Chiraag
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/curves/attachments/20170325/36842d84/attachment.html>
More information about the Curves
mailing list