Closed HAOYUatHZ closed 3 years ago
@omershlo I have refactored the H_g() for RSA and setup() for class.
However, I am not quite happy about the code, because now I need to pass x
into setup?
Tested via cargo test --lib vdf -- --test-threads=1
@omershlo I've also refactored the RSA one now. The PR is ready, you can take a look again.
BTW, I've got a few questions:
Hi,
I see you made a bunch of commits, does this mean the PR is ready for another review? About your questions:
- h_g is not specified in the papers. It is one of those things that authors love to keep abstract - they just assume that there exists a hash function mapping strings to group elements. Our implementation is something we came up with that we argue achieves the required functionality and security guarantees.
- That's a good question - nothing comes to mind immediately, but I am not an expert on Pietrzak's proof. I suggest opening an issue in that repo to ask, or asking in our telegram group - I would also be interested to learn.
Yes, it's ready again. @omershlo
I see you use the M13 prime for the modulus. In RSA the modulus should be a bi-prime (N = p*q for p, q 1024-bit primes).
> RSA the modulus should be a bi-prime
So a 2048 bi-prime for N?
What about using https://en.wikipedia.org/wiki/RSA_numbers#RSA-2048 here?
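The two points raised in the thread (h_g is left abstract in the papers and has to map strings into the group, and the RSA group must be a bi-prime modulus rather than a single prime) can be shown together in a small self-contained sketch. This is an added example, not the code from the class repository or from the PR: `setup`, `h_g` and `modulus_looks_ok` are hypothetical names, the hash-with-counter construction is one standard way to hash into Z_N^*, and the 2048-bit default follows the bi-prime size stated in the review comment.

```python
import hashlib
import math
import secrets


def is_probable_prime(n, rounds=40):
    """Miller-Rabin primality test (probabilistic, 40 rounds)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits):
    """Random odd prime with the top bit set, so it has exactly `bits` bits."""
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def setup(bits=2048):
    """Hypothetical trusted setup: N = p*q with two distinct bits/2-bit primes.
    The factors are discarded, only the modulus is returned."""
    half = bits // 2
    p = random_prime(half)
    q = random_prime(half)
    while q == p:
        q = random_prime(half)
    return p * q


def h_g(N, data, domain=b"example-h_g"):
    """Hypothetical hash-to-group for Z_N^*: hash (domain || counter || data)
    to an oversized integer, reduce mod N, and reject anything that is 0, 1
    or shares a factor with N.  Deterministic for a fixed (N, data)."""
    nbytes = (N.bit_length() + 7) // 8 + 8  # oversample so the mod-N bias is negligible
    ctr = 0
    while True:
        digest = b""
        block = 0
        while len(digest) < nbytes:
            digest += hashlib.sha256(
                domain + ctr.to_bytes(4, "big") + block.to_bytes(4, "big") + data
            ).digest()
            block += 1
        x = int.from_bytes(digest[:nbytes], "big") % N
        if x > 1 and math.gcd(x, N) == 1:
            return x
        ctr += 1


def modulus_looks_ok(N, bits=2048):
    """Constructed sanity check for a candidate RSA modulus: right size, odd,
    not itself a (probable) prime, and not of Mersenne form 2^k - 1."""
    if N.bit_length() != bits or N % 2 == 0:
        return False
    if is_probable_prime(N):
        return False          # a single prime (e.g. a Mersenne prime) is not a bi-prime
    if N & (N + 1) == 0:
        return False          # 2^k - 1 shape
    return True


if __name__ == "__main__":
    N = setup(2048)
    print("modulus ok:", modulus_looks_ok(N))
    print("h_g('hello') has", h_g(N, b"hello").bit_length(), "bits")
```

The check cannot prove that an arbitrary N really is a product of two large primes (that would require factoring it), which is why the thread's alternative of a published challenge modulus such as RSA-2048 is attractive: its form is known without anyone holding the factors.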
Looks good.
As discussed in https://github.com/KZen-networks/class/issues/27