[messaging] sign(y) for Elligator2_p2r from X25519 u-points

Van Gegel torfone at ukr.net
Wed Mar 14 05:46:11 PDT 2018

Hello, Messaging!

I'm trying to adapt Elligator2 p2r()  to the uNaCl X25519 library for embedded systems. 
The original p2r() uses the sign(v)  to select between sqrt(-u/(2(u+A))) and sqrt(-(u+A)/(2u))) . 
But X25519 point has no v  ( sign(v) is always assumed to be 0 ). 
Can I use sign(v)=0 or must select the sign(v) randomly to get a completely random representation string of X25519 u-point with p2r()?

Van Gegel.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20180314/f41b2916/attachment.html>

More information about the Messaging mailing list