--- Day changed Sat Jan 21 2017 01:43 -!- jtimon [~quassel@245.30.134.37.dynamic.jazztel.es] has quit [Ping timeout: 240 seconds] 01:44 -!- waxwing [~waxwing@14.174.32.23] has quit [Ping timeout: 240 seconds] 01:45 < arubi> hey all, if I have the secret 'd' and the public point P, I can easily figure out the secret to "-P", which is really just the point with the other P_y solution from sqrt( P_x^3 + 7 ), by doing mod(-d,n). 01:46 < arubi> can a similar process be done, but with the 3 points that share the same P_y value, and that their P_x's are the 3 values from cube_root( P_y^2 - 7 )? 01:46 < arubi> assuming I have the secret 'd' to one of these points, and have the other two public points with the same P_y, what operation do I need to do with my secret to get the other two secrets? 03:24 -!- waxwing [~waxwing@14.174.32.23] has joined #secp256k1 03:51 -!- afk11 [~user@unaffiliated/afk11] has joined #secp256k1 05:38 -!- afk11 [~user@unaffiliated/afk11] has quit [Ping timeout: 255 seconds] 05:45 -!- afk11 [~user@2a02:a210:301:7980:b1e4:3905:dd7e:dee8] has joined #secp256k1 07:29 < sipa> arubi: you have just rediscovered the efficiently computable endomorphism trick that is used in libsecp when you build with --enable-endomorphism 07:30 < sipa> arubi: you need to multiply the secrets with the cube roots of 1 mod order 07:31 -!- aalex [~aalex@64.187.177.58] has joined #secp256k1 07:38 -!- waxwing [~waxwing@14.174.32.23] has quit [Ping timeout: 240 seconds] 07:39 -!- aalex [~aalex@64.187.177.58] has quit [Ping timeout: 276 seconds] 07:40 < arubi> sipa, that's it! it works! so cool to discover this, I'll most definitely look at how the lib does it 07:41 < sipa> it uses it to speed up point multiplication significantly 07:41 < sipa> by rewriting a*P as (a1*P + a2*cuberoot1*P) 07:42 < sipa> where a1 and a2 are only ~128 bits 07:43 < sipa> and cuberoot1*P is efficiently computable (just multiple y with the cube root of 1 mod field order) 07:45 < arubi> I think I understand what's it doing, will probably try to implement that over the week now that everything looks simpler :) 07:48 < sipa> it requires some nontrivial math, be warned :) 07:50 < arubi> haha, good. 08:30 -!- jtimon [~quassel@245.30.134.37.dynamic.jazztel.es] has joined #secp256k1 10:21 -!- waxwing [~waxwing@14.174.32.23] has joined #secp256k1 13:53 -!- waxwing [~waxwing@14.174.32.23] has quit [Ping timeout: 240 seconds] 16:53 -!- waxwing [~waxwing@14.174.32.23] has joined #secp256k1 17:42 -!- arubi [~ese168@gateway/tor-sasl/ese168] has quit [Remote host closed the connection] 17:45 -!- arubi [~ese168@gateway/tor-sasl/ese168] has joined #secp256k1 20:34 -!- jtimon [~quassel@245.30.134.37.dynamic.jazztel.es] has quit [Ping timeout: 245 seconds] 23:24 -!- aalex [~aalex@64.187.177.58] has joined #secp256k1 23:32 -!- aalex [~aalex@64.187.177.58] has quit [Ping timeout: 240 seconds]