lovesh
commented
4 years ago The "curve order" term is misleading. It's the order of the largest prime subgroup on the curve (what you said in the last statement). Will fix.
Open barakshani opened 4 years ago
lovesh
commented
4 years ago The "curve order" term is misleading. It's the order of the largest prime subgroup on the curve (what you said in the last statement). Will fix.
In field_elem.rs the FieldElement implementation says "Represents an element of the prime field of the curve. All operations are done modulo the curve order" (similarly in the Rust docs: https://docs.rs/amcl_wrapper/0.4.0/amcl_wrapper/field_elem/struct.FieldElement.html)
This sentence is a bit confusing, since the prime number may not be the same as the curve order. In particular, it is not clear if operation are made in the field (i.e. modulo the prime) or are reduced modulo the curve order.
I looked at the code and it indeed seems that operation are modulo the curve order. If this is the case, it is probably better not to state the first part "Represents an element of the prime field of the curve".
Moreover, even calling the type "field element" is not that great, since the curve order is not necessarily prime, so working modulo the curve order might not be working over some prime field (unless in the implementation we always work in the curve's (large) prime subgroup).