search

cfrg / draft-irtf-cfrg-pairing-friendly-curves

https://datatracker.ietf.org/doc/draft-irtf-cfrg-pairing-friendly-curves/
Other
8 stars 6 forks source link

Comments from Armando during the RGLC (Editorial Comments) #60

Closed yumi-sakemi closed 3 years ago

yumi-sakemi commented 4 years ago

Editorial comments from Armando (CFRG members) are shown as follows.

https://mailarchive.ietf.org/arch/msg/cfrg/5R3YzUekQTqpJxatVVsrksNDoms/

Tsune3110 commented 3 years ago

OK!

This is a cross-check as a co-author.

Tsune3110 commented 3 years ago

OK!

This is a cross-check as a co-author.

yumi-sakemi commented 3 years ago

(Reply Comments)

order 6 twists. -> order-6 twists.

Thank you for your comment! We changed the whole sentence because other members also pointed out the problem with this sentence.

yumi-sakemi commented 3 years ago

(Reply Comments)

embeddiing -> embedding paiting-based crytography -> pairing-based cryptography Armand -> Armando

Thank you for your comment! We revised the part pointed out according to your comments. In particular, I would like to apologize for my mistyping on your name. We have carefully fixed it.

yumi-sakemi commented 3 years ago

(Reply Comments)

rewrite: the only known attacks thus far attack the discrete logarithm problem directly, so we focus on the discrete logarithm in this memo.

rewrite: There has since been research into the minimum bit length of the parameters of pairing-friendly curves

Thank you for your comments. Since no specific points of view for the "rewrite" were shown, the authors reviewed this description throughout our draft. As a result, we have kept the description because we did not think there were any discomfort or major problems.

yumi-sakemi commented 3 years ago

(Reply Comments)

In Appendix A, make explicit the isomorphism between E and E' as this helps implementers. There is a subtle distinction when computing the pairing entirely with both points on the twist. (see Theorem 1 of https://eprint.iacr.org/2009/615).

Thanks for the suggestion! Since the isomorphism of twist needs to be written for each curve, the algorithm needs to be written for each curve accordingly. As a result, we concerned that the draft will be very complicated. On the other hand, as you pointed out, we understand that not showing specific twist technique usage would be unhelpful for the implementers. So we've added some references for the twist technique including your recommended reference.

armfazh commented 3 years ago

Thanks for addressing these comments, most of them are editiorial, in version v08. This issue can be closed.