Open zjsec opened 8 months ago
The document states as follows: DOC1 ProjectiveNielsPoint: $(Y+X,Y−X,Z,2dXY)$ DOC2 "..., represented as $(Y+X,Y-X,Z,2dXY)$ in ‘Niels coordinates’."
But the relevant code is as follows: https://github.com/dalek-cryptography/curve25519-dalek/blob/89aabac235ecb2fee2e1f482a17d9312a2616c5a/curve25519-dalek/src/edwards.rs#L513
impl EdwardsPoint { /// Convert to a ProjectiveNielsPoint pub(crate) fn as_projective_niels(&self) -> ProjectiveNielsPoint { ProjectiveNielsPoint { Y_plus_X: &self.Y + &self.X, Y_minus_X: &self.Y - &self.X, Z: self.Z, T2d: &self.T * &constants::EDWARDS_D2, } } }
We know that in the $\mathbb{P}^3$ model, $XY=ZT$, so $XY$ is not equal to $T$. Is it a document error? Is it correct to change to $(Y-X, Y+X, Z, 2dT)$?
The document states as follows: DOC1 ProjectiveNielsPoint: $(Y+X,Y−X,Z,2dXY)$ DOC2 "..., represented as $(Y+X,Y-X,Z,2dXY)$ in ‘Niels coordinates’."
But the relevant code is as follows: https://github.com/dalek-cryptography/curve25519-dalek/blob/89aabac235ecb2fee2e1f482a17d9312a2616c5a/curve25519-dalek/src/edwards.rs#L513
We know that in the $\mathbb{P}^3$ model, $XY=ZT$, so $XY$ is not equal to $T$. Is it a document error? Is it correct to change to $(Y-X, Y+X, Z, 2dT)$?