Tsune3110
commented
4 years ago OK!
This is a cross-check as a co-author.
Closed yumi-sakemi closed 3 years ago
Tsune3110
commented
4 years ago OK!
This is a cross-check as a co-author.
yumi-sakemi
commented
4 years ago (Reply Comments)
1) Section 2.1, first para: replace "F_q" by GF(q), stipulate that extension degree n>0.
Thank you for your comments! We revised the part pointed out according to your comments.
yumi-sakemi
commented
4 years ago (Reply Comments)
2) Section 2.1, first para: with defining equation, use more common domain parameters a and b (i.e., lowercase instead of upper case). Elsewhere, do use common nomenclature used with NIST, ANSI, SECG, ISO for 2 decades, including n for prime-order subgroup, h for co-factor, mention irreducible polynomial f(z) with extension field, denote fixed base point by P (instead of BP), etc. If one wishes, refer to Appendix B.1 of [1].
Thanks for your suggestions. According to your comment, we changed the domain parameters "A" and "B" to "a" and "b" because a lot of documents related to ECC use "a" and "b". The "a" was used to represent an another parameter, so we also changed the related parts. On the other hand, we are sorry, but we did not change the parameter "BP" that represents the base point BP to P, because we would like to use P as a variable to represent an arbitrary rational point.
yumi-sakemi
commented
4 years ago (Reply Comments)
3) Section 2.1, 2nd para: "point on" should be "point of".
Thank you for pointing out. I'm sorry, but some standard specifications and textbooks use "on", so I would like to follow them.
RFC6090: Fundamental Elliptic Curve Cryptography Algorithms https://tools.ietf.org/html/rfc6090
Hashing to Elliptic Curves https://tools.ietf.org/pdf/draft-irtf-cfrg-hash-to-curve-09.pdf
SEC 1: Elliptic Curve Cryptography https://www.secg.org/sec1-v2.pdf
Rational Points on Elliptic Curves (Undergraduate Texts in Mathematics) J. H. Silverman, J. T. Tate https://www.amazon.co.jp/Rational-Elliptic-Undergraduate-Mathematics-English-ebook/dp/B00YPPBZYG
Handbook of Elliptic and Hyperelliptic Curve Cryptography H. Cohen et al. https://www.amazon.co.jp/dp/B00I60LZPA/ref=dp-kindle-redirect?_encoding=UTF8&btkr=1
yumi-sakemi
commented
4 years ago (Reply Comments)
4) Section 2.1, first/3rd para: isn't it simpler to define curve over GF(q) and then introduce curve with same domain parms, but then defined over extension field GF(q^k)?
Thank you for your suggestion! I'm sorry, but I think there is not a big problem because this part has passed Expert Review.
yumi-sakemi
commented
4 years ago (Reply Comments)
5) Section 2.1, 3rd para: "group law which" should be "group law that", "reflection about x-axis" should be "reflection around x-axis", with "unique third point of intersection [R]" (i.e., give this a name, here R), with [a]P, stipulate that [0]P is the identity element and that [-a]P=-([a]P), etc.
6) Section 2.1, terminology: fix E(F_{q^k}) (i.e., add paranthesis), fix that this refers to GF(q^k)-rational points (rather than GF(q)-rational points, same with cardinalities.
7) Section 2.1, terminology: with co-factor h, doesn't one need gcd(h,n)=1 (so, as to ensure unique order-n subgroup)?
8) Sectioon 2.2, 2nd para "is called embedding degree of E over GF(q)" (i.e., add curve and field over which this is defined)
9) Section 2.2, 2nd para: the term "twist" is not defined (but often used elsewhere in the draft), neither is the term GF(p^k)* (nonzero elements of GF(p^k).
10) Section 2.3, 2nd para: replace "prime p" by "prime number p (where p at least five)".
11) Section 2.3, 3rd para (top of p. 8): write "the multiplicative group..." or, better still, simply state that b is a primitive element of GF(p) (and add this to terminology).
12) Section 2.4, 4th para: "parameterized" should read "parameters".
13) Section 3.1, 3rd para: "paiting-based" should be "pairing-based" (i.e., fix the typo "t" --> "r").
14) Section 3.1, 4th para: "to solve" should read "for solving".
15) Section 3.2, 1st para: "the security level(s)" (i.e., make plural), "... correspond" (i.e., use corresponding verb conjugation).
17) Section 4.2.1, 4th para: "categorized as M-type" ("as" instead of "into").
Thank you for your comments! We revised the part pointed out according to your comments.
yumi-sakemi
commented
4 years ago (Reply Comments)
16) Section 4.2, 2nd para: reword "more prudent option" as "more conservative option".
Thanks for your comment. I'm sorry, but this sentence was suggested by the Expert Reviewer, so I'd like to keep this expression.
Editorial comments from Rene (CFRG members) are shown as follows.
https://mailarchive.ietf.org/arch/msg/cfrg/pW71h3yUETnqedHsH0m3rwzPnm4/