--- Log opened Thu May 04 00:00:35 2017
--- Day changed Thu May 04 2017
00:00 -!- wizkid057 [~wk@unaffiliated/wizkid057] has quit [Ping timeout: 258 seconds]
00:01 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has joined #bitcoin-wizards
00:02 -!- wizkid057 [~wk@unaffiliated/wizkid057] has joined #bitcoin-wizards
00:06 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has quit [Ping timeout: 245 seconds]
00:12 -!- BashCo [~BashCo@unaffiliated/bashco] has joined #bitcoin-wizards
00:36 -!- jtimon [~quassel@9.31.134.37.dynamic.jazztel.es] has quit [Ping timeout: 268 seconds]
00:36 -!- mol [~molly@unaffiliated/molly] has quit [Remote host closed the connection]
00:36 -!- moli_ [~molly@unaffiliated/molly] has joined #bitcoin-wizards
01:00 -!- Dyaheon [~Dya@a91-156-192-24.elisa-laajakaista.fi] has quit [Ping timeout: 246 seconds]
01:02 -!- Dyaheon [~Dya@a91-156-192-24.elisa-laajakaista.fi] has joined #bitcoin-wizards
01:15 -!- wizkid057 [~wk@unaffiliated/wizkid057] has quit [Ping timeout: 240 seconds]
01:22 -!- wizkid057 [~wk@unaffiliated/wizkid057] has joined #bitcoin-wizards
01:35 -!- Onee [~Onee@58.178.192.240] has quit []
01:36 -!- cluckj [~cluckj@pool-108-52-166-30.phlapa.fios.verizon.net] has joined #bitcoin-wizards
01:37 -!- JackH [~laptop@79.73.191.98] has joined #bitcoin-wizards
01:38 -!- harrymm [~wayne@104.237.91.228] has joined #bitcoin-wizards
01:41 -!- UnrealLife [~UnrealLif@94.96.177.155] has quit [Ping timeout: 258 seconds]
01:46 -!- jannes [~jannes@095-097-246-234.static.chello.nl] has joined #bitcoin-wizards
02:01 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has joined #bitcoin-wizards
02:05 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has quit [Ping timeout: 240 seconds]
02:13 -!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has joined #bitcoin-wizards
02:29 -!- runeks [sid21167@gateway/web/irccloud.com/x-xleufpdshhvmbruj] has quit []
02:29 -!- runeks [sid21167@gateway/web/irccloud.com/x-sltpgvdtmumwndib] has joined #bitcoin-wizards
02:56 -!- UnrealLife [~UnrealLif@93.169.168.193] has joined #bitcoin-wizards
03:14 -!- nejon [uid38993@gateway/web/irccloud.com/x-erkbptjtxgfiacrs] has quit []
03:15 -!- nejon [uid38993@gateway/web/irccloud.com/x-cwhzldtvlzfesari] has joined #bitcoin-wizards
03:15 -!- adams__ [sid73416@gateway/web/irccloud.com/x-wmuwmcasltrvnisq] has quit []
03:15 -!- adams__ [sid73416@gateway/web/irccloud.com/x-zqlbjgnwjbtvsepq] has joined #bitcoin-wizards
03:22 -!- wizkid057 [~wk@unaffiliated/wizkid057] has quit [Ping timeout: 240 seconds]
03:24 -!- wizkid057 [~wk@unaffiliated/wizkid057] has joined #bitcoin-wizards
03:31 -!- chjj [~chjj@unaffiliated/chjj] has quit [Ping timeout: 240 seconds]
03:32 -!- pro [~pro@unaffiliated/pro] has joined #bitcoin-wizards
03:33 -!- pro [~pro@unaffiliated/pro] has quit [Remote host closed the connection]
03:33 -!- pro [~pro@unaffiliated/pro] has joined #bitcoin-wizards
03:38 -!- face [~face@mail.hmel.org] has quit [Ping timeout: 240 seconds]
03:41 -!- bildramer [~bildramer@p2003004D2B189F00D421C7B79405DD81.dip0.t-ipconnect.de] has joined #bitcoin-wizards
03:44 -!- chjj [~chjj@unaffiliated/chjj] has joined #bitcoin-wizards
04:02 -!- dnaleor [~dnaleor@78-23-74-78.access.telenet.be] has quit [Quit: Leaving]
04:07 -!- dnaleor [~dnaleor@78-23-74-78.access.telenet.be] has joined #bitcoin-wizards
04:12 -!- kristofferR [~kristoffe@91.37-191-173.fiber.lynet.no] has quit [Quit: Textual IRC Client: www.textualapp.com]
04:26 -!- dnaleor [~dnaleor@78-23-74-78.access.telenet.be] has quit [Quit: Leaving]
04:26 -!- dnaleor [~dnaleor@78-23-74-78.access.telenet.be] has joined #bitcoin-wizards
04:27 -!- jouke [~worst@unaffiliated/komkommer] has quit [Ping timeout: 255 seconds]
04:38 -!- pro [~pro@unaffiliated/pro] has quit [Ping timeout: 268 seconds]
04:57 -!- kristofferR [~kristoffe@91.37-191-173.fiber.lynet.no] has joined #bitcoin-wizards
04:59 -!- pro [~pro@unaffiliated/pro] has joined #bitcoin-wizards
05:02 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has joined #bitcoin-wizards
05:07 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has quit [Ping timeout: 240 seconds]
05:12 -!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards
05:14 -!- [7] [~quassel@rockbox/developer/TheSeven] has quit [Ping timeout: 258 seconds]
05:14 -!- TheSeven [~quassel@rockbox/developer/TheSeven] has joined #bitcoin-wizards
05:15 -!- dnaleor [~dnaleor@78-23-74-78.access.telenet.be] has quit [Quit: Leaving]
05:17 -!- dnaleor [~dnaleor@78-23-74-78.access.telenet.be] has joined #bitcoin-wizards
05:17 -!- UnrealLife [~UnrealLif@93.169.168.193] has quit [Quit: Leaving]
05:21 -!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Ping timeout: 268 seconds]
05:23 -!- harrymm1 [~wayne@104.237.91.147] has joined #bitcoin-wizards
05:23 -!- harrymm1 [~wayne@104.237.91.147] has quit [Max SendQ exceeded]
05:24 -!- harrymm1 [~wayne@104.237.91.147] has joined #bitcoin-wizards
05:24 -!- dnaleor [~dnaleor@78-23-74-78.access.telenet.be] has quit [Quit: Leaving]
05:25 -!- dnaleor [~dnaleor@78-23-74-78.access.telenet.be] has joined #bitcoin-wizards
05:25 -!- harrymm [~wayne@104.237.91.228] has quit [Ping timeout: 260 seconds]
05:35 -!- laurentmt [~Thunderbi@176.158.157.202] has joined #bitcoin-wizards
05:48 -!- UnrealLife [~UnrealLif@93.169.168.193] has joined #bitcoin-wizards
05:58 -!- n1ce [~n1ce@unaffiliated/n1ce] has joined #bitcoin-wizards
05:59 -!- n1ce [~n1ce@unaffiliated/n1ce] has quit [Remote host closed the connection]
06:00 -!- n1ce [~n1ce@unaffiliated/n1ce] has joined #bitcoin-wizards
06:06 -!- marcoagner [~user@177.41.192.53] has quit [Ping timeout: 264 seconds]
06:11 -!- UnrealLife [~UnrealLif@93.169.168.193] has quit [Quit: Leaving]
06:19 -!- marcoagner [~user@177.41.200.138] has joined #bitcoin-wizards
06:22 -!- chjj [~chjj@unaffiliated/chjj] has quit [Ping timeout: 240 seconds]
06:23 -!- davec [~davec@cpe-24-243-249-218.hot.res.rr.com] has quit [Ping timeout: 260 seconds]
06:24 -!- Hard [~Jamie76@146-115-158-74.c3-0.frm-ubr1.sbo-frm.ma.cable.rcn.com] has joined #bitcoin-wizards
06:24 -!- Hard is now known as Hard_Line
06:25 -!- davec [~davec@cpe-24-243-249-218.hot.res.rr.com] has joined #bitcoin-wizards
06:27 < kanzure> .title https://github.com/tothemoon-org/extension-blocks/issues/9
06:27 < yoleaux> Exit maturity ? Issue #9 ? tothemoon-org/extension-blocks ? GitHub
06:30 -!- Sosumi [~Leon@bl10-113-190.dsl.telepac.pt] has joined #bitcoin-wizards
06:34 -!- moli_ [~molly@unaffiliated/molly] has quit [Ping timeout: 255 seconds]
06:34 -!- harrymm1 [~wayne@104.237.91.147] has quit [Remote host closed the connection]
06:35 -!- harrymm [~wayne@104.237.91.147] has joined #bitcoin-wizards
06:35 -!- chjj [~chjj@unaffiliated/chjj] has joined #bitcoin-wizards
06:35 -!- harrymm [~wayne@104.237.91.147] has quit [Max SendQ exceeded]
06:36 -!- harrymm [~wayne@104.237.91.147] has joined #bitcoin-wizards
06:44 -!- Hunger- [~Hunger@zer0days.com] has joined #bitcoin-wizards
06:47 -!- davec [~davec@cpe-24-243-249-218.hot.res.rr.com] has quit [Ping timeout: 268 seconds]
06:50 -!- chjj [~chjj@unaffiliated/chjj] has quit [Ping timeout: 260 seconds]
06:57 -!- davec [~davec@cpe-24-243-249-218.hot.res.rr.com] has joined #bitcoin-wizards
07:03 -!- chjj [~chjj@unaffiliated/chjj] has joined #bitcoin-wizards
07:16 -!- moli_ [~molly@unaffiliated/molly] has joined #bitcoin-wizards
07:18 -!- RubenSomsen [~RubenSoms@5ED2CA1D.cm-7-3d.dynamic.ziggo.nl] has quit [Ping timeout: 240 seconds]
07:23 -!- Giszmo [~leo@pc-240-13-215-201.cm.vtr.net] has joined #bitcoin-wizards
07:28 -!- BashCo [~BashCo@unaffiliated/bashco] has quit [Ping timeout: 240 seconds]
07:44 -!- RubenSomsen [~RubenSoms@5ED2CA1D.cm-7-3d.dynamic.ziggo.nl] has joined #bitcoin-wizards
07:45 -!- str4d [~str4d@27.110.123.92] has quit [Ping timeout: 260 seconds]
07:56 -!- talmai [~T@216.200.123.162] has joined #bitcoin-wizards
08:10 -!- BashCo [~BashCo@unaffiliated/bashco] has joined #bitcoin-wizards
08:12 -!- talmai [~T@216.200.123.162] has quit [Ping timeout: 240 seconds]
08:19 -!- smk [488b39a2@gateway/web/freenode/ip.72.139.57.162] has joined #bitcoin-wizards
08:21 -!- laurentmt [~Thunderbi@176.158.157.202] has quit [Quit: laurentmt]
08:27 -!- Aranjedeath [~Aranjedea@unaffiliated/aranjedeath] has joined #bitcoin-wizards
08:45 -!- jtimon [~quassel@9.31.134.37.dynamic.jazztel.es] has joined #bitcoin-wizards
08:48 -!- abpa [~abpa@96-82-80-28-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards
08:58 -!- ratbanebo [~ratbanebo@ptr-fyxkxbv23lmjff0agmz.18120a2.ip6.access.telenet.be] has joined #bitcoin-wizards
09:02 -!- Giszmo [~leo@pc-240-13-215-201.cm.vtr.net] has quit [Ping timeout: 240 seconds]
09:17 -!- dnaleor [~dnaleor@78-23-74-78.access.telenet.be] has quit [Read error: Connection reset by peer]
09:20 -!- laurentmt [~Thunderbi@176.158.157.202] has joined #bitcoin-wizards
09:22 -!- Giszmo [~leo@ip-146-233.219.201.nextelmovil.cl] has joined #bitcoin-wizards
09:27 -!- dnaleor [~dnaleor@78-23-74-78.access.telenet.be] has joined #bitcoin-wizards
09:35 -!- adams__ [sid73416@gateway/web/irccloud.com/x-zqlbjgnwjbtvsepq] has quit [Remote host closed the connection]
09:35 -!- runeks [sid21167@gateway/web/irccloud.com/x-sltpgvdtmumwndib] has quit [Remote host closed the connection]
09:35 -!- nejon [uid38993@gateway/web/irccloud.com/x-cwhzldtvlzfesari] has quit [Remote host closed the connection]
09:40 -!- runeks [sid21167@gateway/web/irccloud.com/x-yfxoqywtgxevsgry] has joined #bitcoin-wizards
09:43 -!- adams__ [sid73416@gateway/web/irccloud.com/x-cvsikhdtacfknwvd] has joined #bitcoin-wizards
09:45 -!- RubenSomsen [~RubenSoms@5ED2CA1D.cm-7-3d.dynamic.ziggo.nl] has quit [Ping timeout: 240 seconds]
09:45 -!- nejon [uid38993@gateway/web/irccloud.com/x-djsgcmeryghrsetz] has joined #bitcoin-wizards
09:54 -!- Giszmo [~leo@ip-146-233.219.201.nextelmovil.cl] has quit [Quit: Leaving.]
09:55 -!- Giszmo [~leo@ip-146-233.219.201.nextelmovil.cl] has joined #bitcoin-wizards
10:01 -!- smk [488b39a2@gateway/web/freenode/ip.72.139.57.162] has quit [Ping timeout: 260 seconds]
10:04 -!- Giszmo [~leo@ip-146-233.219.201.nextelmovil.cl] has quit [Ping timeout: 240 seconds]
10:17 -!- benthamshead [~benthamsh@52.15.227.42] has joined #bitcoin-wizards
10:21 -!- Giszmo [~leo@ip-206-233.219.201.nextelmovil.cl] has joined #bitcoin-wizards
10:22 -!- UnrealLife [~UnrealLif@93.169.168.193] has joined #bitcoin-wizards
10:46 -!- Giszmo [~leo@ip-206-233.219.201.nextelmovil.cl] has quit [Ping timeout: 260 seconds]
11:05 -!- Giszmo [~leo@pc-240-13-215-201.cm.vtr.net] has joined #bitcoin-wizards
11:27 -!- laurentmt [~Thunderbi@176.158.157.202] has quit [Quit: laurentmt]
11:33 -!- priidu [~priidu@unaffiliated/priidu] has joined #bitcoin-wizards
11:37 -!- talmai [~T@c-76-24-28-74.hsd1.ma.comcast.net] has joined #bitcoin-wizards
11:38 -!- talmai [~T@c-76-24-28-74.hsd1.ma.comcast.net] has quit [Read error: Connection reset by peer]
11:57 -!- PaulCapestany [~PaulCapes@2604:5500:17:2ea:611c:e7bb:869d:a3e8] has quit [Quit: .]
12:02 -!- Hard_Line [~Jamie76@146-115-158-74.c3-0.frm-ubr1.sbo-frm.ma.cable.rcn.com] has quit [Read error: Connection reset by peer]
12:03 -!- UnrealLife [~UnrealLif@93.169.168.193] has quit [Ping timeout: 240 seconds]
12:08 -!- Giakamo [~Jamie76@ip-102-2-52-196.nyc.us.northamericancoax.com] has joined #bitcoin-wizards
12:08 -!- Giakamo is now known as Hard_Line
12:11 -!- ratbanebo [~ratbanebo@ptr-fyxkxbv23lmjff0agmz.18120a2.ip6.access.telenet.be] has quit [Remote host closed the connection]
12:11 -!- ratbanebo [~ratbanebo@ptr-fyxkxbv23lmjff0agmz.18120a2.ip6.access.telenet.be] has joined #bitcoin-wizards
12:15 -!- ratbanebo [~ratbanebo@ptr-fyxkxbv23lmjff0agmz.18120a2.ip6.access.telenet.be] has quit [Ping timeout: 268 seconds]
12:31 -!- Sosumi [~Leon@bl10-113-190.dsl.telepac.pt] has quit [Quit: Bye]
12:38 -!- Aranjedeath [~Aranjedea@unaffiliated/aranjedeath] has quit [Ping timeout: 258 seconds]
12:45 -!- ratbanebo [~ratbanebo@ptr-fyxkxbwbk9ynfbyippu.18120a2.ip6.access.telenet.be] has joined #bitcoin-wizards
12:50 -!- ratbanebo [~ratbanebo@ptr-fyxkxbwbk9ynfbyippu.18120a2.ip6.access.telenet.be] has quit [Ping timeout: 268 seconds]
12:56 -!- ratbanebo [~ratbanebo@ptr-fyxkxbwbk9ynfbyippu.18120a2.ip6.access.telenet.be] has joined #bitcoin-wizards
12:56 -!- bildramer [~bildramer@p2003004D2B189F00D421C7B79405DD81.dip0.t-ipconnect.de] has quit [Ping timeout: 240 seconds]
12:56 -!- bildramer [~bildramer@p2003004D2B189F0079A8CE331A9FBB60.dip0.t-ipconnect.de] has joined #bitcoin-wizards
13:04 -!- jtimon [~quassel@9.31.134.37.dynamic.jazztel.es] has quit [Ping timeout: 268 seconds]
13:07 -!- ananteris [~user@185.149.90.90] has quit [Changing host]
13:07 -!- ananteris [~user@unaffiliated/ananteris] has joined #bitcoin-wizards
13:07 -!- Dyaheon [~Dya@a91-156-192-24.elisa-laajakaista.fi] has quit [Ping timeout: 240 seconds]
13:08 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has joined #bitcoin-wizards
13:08 -!- Dyaheon [~Dya@a91-156-192-24.elisa-laajakaista.fi] has joined #bitcoin-wizards
13:12 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has quit [Ping timeout: 255 seconds]
13:14 -!- ratbanebo [~ratbanebo@ptr-fyxkxbwbk9ynfbyippu.18120a2.ip6.access.telenet.be] has quit [Remote host closed the connection]
13:15 -!- oleganza [~oleganza@52.119.113.96] has joined #bitcoin-wizards
13:34 -!- MaxSan1 [~one@185.156.175.59] has joined #bitcoin-wizards
13:35 -!- jtimon [~quassel@9.31.134.37.dynamic.jazztel.es] has joined #bitcoin-wizards
13:46 -!- chjj [~chjj@unaffiliated/chjj] has quit [Ping timeout: 260 seconds]
13:52 -!- ratbanebo [~ratbanebo@ptr-fyxkxbwv3xdnl4n1swd.18120a2.ip6.access.telenet.be] has joined #bitcoin-wizards
13:54 -!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has quit [Quit: :)]
13:57 -!- ratbanebo [~ratbanebo@ptr-fyxkxbwv3xdnl4n1swd.18120a2.ip6.access.telenet.be] has quit [Ping timeout: 268 seconds]
13:59 -!- chjj [~chjj@unaffiliated/chjj] has joined #bitcoin-wizards
14:08 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has joined #bitcoin-wizards
14:13 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has quit [Ping timeout: 240 seconds]
14:21 -!- pump1 [o3u@162.243.79.19] has quit [Quit: leaving]
14:21 -!- Fistful_of_Coins [o3u@162.243.79.19] has joined #bitcoin-wizards
14:22 -!- priidu [~priidu@unaffiliated/priidu] has quit [Ping timeout: 246 seconds]
14:32 -!- kristofferR [~kristoffe@91.37-191-173.fiber.lynet.no] has quit [Quit: Textual IRC Client: www.textualapp.com]
14:34 -!- kristofferR [~kristoffe@91.37-191-173.fiber.lynet.no] has joined #bitcoin-wizards
14:37 < oleganza> Do i understand that ECDSA requires to publish `s` value, but it's never used, only `s^-1` is actually used? So verifiers must do the scalar inversion each time?
14:38 < sipa> indeed
14:38 < oleganza> How much slower ECDSA is compared to libsecp256k1's Schnorr signature verification (in whichever form it is right now)? Meaning, how much overhead scalar inversion adds?
14:38 < sipa> within a few %
14:39 < sipa> as the inversion is on the verifier side, it can be done with a variable-time algorithm
14:39 < oleganza> btw, how many schnorr sigs per second libsecp256k1 verifies right now?
14:40 < sipa> on typical x86_64 hardware a verification is around 250k cycles
14:41 < sipa> so around 13000 verification per core, at 3GHz
14:41 < gmaxwell> oleganza: zero because there is no schnorr signature code in the codebase anymore (we dropped that expirement after realizing we needed a different construction).
14:42 < oleganza> different than vanilla Schnorr?
14:42 < sipa> there is no 'vanilla' Schnorr
14:42 < oleganza> well, i mean, "simplest one"
14:42 < gmaxwell> oleganza: the difference from the inversion was mostly introduced because the construction we had eliminated another inversion avoidance optimization that our ecdsa code has.
14:43 < oleganza> gmaxwell: i'm sorry, i probably confused you with inversion question
14:43 < gmaxwell> No, I don't think you did.
14:43 < sipa> oleganza: performance wise, none of this matters
14:43 < oleganza> i know there's no inversion required in schnorr sig, i asked about ECDSA vs Schnorr
14:43 < gmaxwell> oleganza: That isn't true.
14:43 < sipa> Schnorr and ECDSA are approximately the same performance
14:43 < oleganza> gmaxwell: how so? verification is `e =?= Hash(s*G - e*P)`, no?
14:44 < sipa> oleganza: 'our' Schnorr construction publishes R and s
14:44 < gmaxwell> oleganza: A normal construction of a schnorr signature has a modular inversion (wrt P) in the reprojection of the R' back to affine coordinates.
14:44 < oleganza> R being s*G-e*P, right?
14:44 < sipa> because that's batch verifiable
14:44 < gmaxwell> e,s = moronic schnorr mostly.
14:44 < gmaxwell> :P
14:44 < oleganza> gmaxwell: why? :)
14:45 < sipa> oleganza: the (e,s) version cannot be batch verified
14:45 < gmaxwell> the only reason you generally see people use e,s is because of earlier incorrect security reasoning that said that e could be half size.   Amongh other downsides it makes it infeasable to do batch validation.
14:45 < oleganza> ah, i see.
14:45 -!- laurentmt [~Thunderbi@176.158.157.202] has joined #bitcoin-wizards
14:45 < oleganza> half size == 128 bits vs 256 bits?
14:45 < andytoshi> gmaxwell: the (e,s) form can be extended to a proof-of-equality-of-DL with no additional space requirement
14:45 < sipa> in non-EC Schnorr, the (e,s) version is smaller
14:45 < sipa> because e is a hash rather than a group element
14:45 < gmaxwell> andytoshi: for the same reason it's useful in the borromean ring signature, right.
14:45 < oleganza> sipa: got it
14:46 < oleganza> easy to forget there is life before ECC
14:46 < oleganza> (j/k)
14:46 < sipa> oleganza: QC is going to hurt.
14:46 < gmaxwell> In any case regardless of all this verification normally has an inversion in the reprojection of the point.  But our ECDSA does not have that inversion.  But the trick we use to eliminate it would permit signatures which are not batch verifyable.
14:46 < sipa> gmaxwell: it does
14:46 < sipa> gmaxwell: oleganza is talking about a different inversion
14:46 < gmaxwell> jesus please
14:47 -!- ratbanebo [~ratbanebo@ptr-fyxkxbu9jf23bstpk7b.18120a2.ip6.access.telenet.be] has joined #bitcoin-wizards
14:47 < oleganza> i was talking inversion 1/k modulo group order, not in the undelrlying field
14:47 < gmaxwell> Stop telling me that I don't know what I'm talking about for a freeking minue!
14:47 < sipa> the naive ECDSA verifier has 2 inversions (a scalar one and a field one)
14:47 < sipa> we eliminated the field inversion but not the scalar one
14:47 < gmaxwell> If you don't stop I am parting the channel.
14:47 < sipa> ok.
14:48 < gmaxwell> Oleg is asking about the relative perfomance of  schorr vs ecdsa, and noting that schnorr can avoid the input inversion... so it should be faster.
14:48 < sipa> yes
14:48 < gmaxwell> And I was _trying_ to explain that there are two inversions to talk about: and our ECDSA eliminates the output one. While the schnorr construction natrually didn't have the input one.
14:48 < gmaxwell> The result is that the performance is very close to identical.
14:49 < gmaxwell> If our schnorr construction eliminated the output too (which was incompatible with batch verify) then it would be about 4% faster-ish than the ECDSA.
14:49 < sipa> ok, agree with all that :)
14:50 < gmaxwell> Though we also now have another construction that can replace that inversion with checking for quadratic residuosity which should be in between.
14:50 < gmaxwell> (so again, faster than ECDSA but maybe only 2% faster)
14:50 < sipa> except it requires a complicated algorithm to implement
14:50 < gmaxwell> yea yea. well if you want it to be fast. :P
14:50 < sipa> and the naive implementation of quadratic residue checking is similar in speed to the naive inversion
14:50 < gmaxwell> right.
14:51 < sipa> in any case:
14:51 < sipa> 21:43:29 < sipa> Schnorr and ECDSA are approximately the same performance
14:52 -!- ratbanebo [~ratbanebo@ptr-fyxkxbu9jf23bstpk7b.18120a2.ip6.access.telenet.be] has quit [Ping timeout: 268 seconds]
14:52 < gmaxwell> in any case, thats all I wanted to point out. Thats why they are the same performance, even though it seems surprising because the schnorr has one less inversion, the batchability gives it one more. If you didn't care about that (you usually should since it's a large speedup), then the schnorr would be faster by the speed of an inverse, which is perhaps 4%.
14:52 < gmaxwell> so hopefully this should answer why we're saying the schnorr was not faster though intuition says it should be. :P
14:55 -!- UnrealLife [~UnrealLif@93.169.112.39] has joined #bitcoin-wizards
14:57 -!- MaxSan1 [~one@185.156.175.59] has quit [Ping timeout: 246 seconds]
14:57 < sipa> actually, iirc, it's worse even
14:57 < sipa> because to have batch-verifiability you need to report the full R point
14:57 < sipa> which either means 32 bytes extra for the Y coordinate, or an extra square root for computing Y from X
14:58 < sipa> and a square root is even slower than an inverse
14:58 -!- UnrealLife [~UnrealLif@93.169.112.39] has quit [Client Quit]
15:00 < gmaxwell> no one wants the extra 32 bytes, so you get the sqrt in the batch verifier but you don't have it in the non-batch verifier.
15:00 < gmaxwell> in the non-batch verifier you construct R' and then convert to affine and check it's sign agress with the signature. (or in the code we had, that its sign had a particular value)
15:00 < oleganza> gmaxwell: because you can just say "i don't care about Y coordinate" in non-batch?
15:01 < oleganza> ah, i see
15:01 < sipa> gmaxwell: right!
15:01 < gmaxwell> oleganza: if you don't care about it in non-batch someone can give you an invalid signature that a batch validator would reject but you wouldn't. so you have to check agreement.
15:01 < oleganza> makes sense
15:01 < oleganza> that's a pretty deep explanation, thanks sipa & gmaxwell.
15:01 < gmaxwell> sipa: the reconstruction of R still only takes one inversion due to the montogomery trick but two more field multiplies.
15:04 -!- MaxSan [~one@185.156.175.59] has joined #bitcoin-wizards
15:10 -!- MaxSan [~one@185.156.175.59] has quit [Read error: Connection reset by peer]
15:15 -!- MaxSan [~one@185.156.175.35] has joined #bitcoin-wizards
15:22 -!- Nightwolf [~Nightwolf@unaffiliated/nightwolf] has quit [Remote host closed the connection]
15:24 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has joined #bitcoin-wizards
15:29 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has quit [Ping timeout: 268 seconds]
15:33 -!- Nightwolf [~Nightwolf@unaffiliated/nightwolf] has joined #bitcoin-wizards
15:41 -!- ratbanebo [~ratbanebo@ptr-fyxkxbwuxe5s444urvk.18120a2.ip6.access.telenet.be] has joined #bitcoin-wizards
15:45 -!- ratbanebo [~ratbanebo@ptr-fyxkxbwuxe5s444urvk.18120a2.ip6.access.telenet.be] has quit [Ping timeout: 240 seconds]
15:49 -!- ratbanebo [~ratbanebo@78-23-23-157.access.telenet.be] has joined #bitcoin-wizards
15:49 -!- ratbanebo [~ratbanebo@78-23-23-157.access.telenet.be] has quit [Remote host closed the connection]
15:59 -!- MaxSan [~one@185.156.175.35] has quit [Ping timeout: 260 seconds]
16:00 -!- MaxSan [~one@185.156.175.35] has joined #bitcoin-wizards
16:01 -!- renlord [80fa0068@gateway/web/freenode/ip.128.250.0.104] has joined #bitcoin-wizards
16:03 -!- renlord [80fa0068@gateway/web/freenode/ip.128.250.0.104] has quit [Client Quit]
16:14 -!- juscamarena_ [~justin@47.148.176.74] has quit [Ping timeout: 268 seconds]
16:14 -!- jannes [~jannes@095-097-246-234.static.chello.nl] has quit [Quit: Leaving]
16:32 -!- superkuh [~superkuh@unaffiliated/superkuh] has quit [Remote host closed the connection]
16:32 -!- Dyaheon [~Dya@a91-156-192-24.elisa-laajakaista.fi] has quit [Ping timeout: 240 seconds]
16:33 -!- Dyaheon [~Dya@a91-156-192-24.elisa-laajakaista.fi] has joined #bitcoin-wizards
16:34 -!- renlord [~renlord@45.76.118.157] has joined #bitcoin-wizards
16:37 -!- renlord [~renlord@45.76.118.157] has quit [Client Quit]
16:37 -!- renlord [~renlord@45.76.118.157] has joined #bitcoin-wizards
16:37 -!- superkuh [~superkuh@unaffiliated/superkuh] has joined #bitcoin-wizards
16:43 -!- ratbanebo [~ratbanebo@ptr-fyxkxbvukffn578w3bv.18120a2.ip6.access.telenet.be] has joined #bitcoin-wizards
16:43 -!- str4d [~str4d@27.110.123.92] has joined #bitcoin-wizards
16:47 -!- ratbanebo [~ratbanebo@ptr-fyxkxbvukffn578w3bv.18120a2.ip6.access.telenet.be] has quit [Ping timeout: 240 seconds]
16:57 -!- str4d [~str4d@27.110.123.92] has quit [Ping timeout: 268 seconds]
16:58 -!- abpa [~abpa@96-82-80-28-static.hfc.comcastbusiness.net] has quit [Quit: Textual IRC Client: www.textualapp.com]
17:14 -!- marcoagner [~user@177.41.200.138] has quit [Read error: Connection reset by peer]
17:14 -!- marcoagner [~user@177.41.200.138] has joined #bitcoin-wizards
17:19 -!- tromp [~tromp@148.75.196.67] has joined #bitcoin-wizards
17:30 -!- dnaleor [~dnaleor@78-23-74-78.access.telenet.be] has quit [Quit: Leaving]
17:30 -!- tromp [~tromp@148.75.196.67] has quit [Remote host closed the connection]
17:30 -!- dnaleor [~dnaleor@78-23-74-78.access.telenet.be] has joined #bitcoin-wizards
17:32 -!- oleganza [~oleganza@52.119.113.96] has quit [Quit: oleganza]
17:37 -!- ratbanebo [~ratbanebo@ptr-fyxkxbv5mm4ow7yeg94.18120a2.ip6.access.telenet.be] has joined #bitcoin-wizards
17:42 -!- ratbanebo [~ratbanebo@ptr-fyxkxbv5mm4ow7yeg94.18120a2.ip6.access.telenet.be] has quit [Ping timeout: 268 seconds]
17:48 -!- Noldorin [~noldorin@unaffiliated/noldorin] has joined #bitcoin-wizards
17:48 -!- Ylbam [uid99779@gateway/web/irccloud.com/x-hflsokifwvjuxcti] has quit [Quit: Connection closed for inactivity]
18:02 -!- jtimon [~quassel@9.31.134.37.dynamic.jazztel.es] has quit [Ping timeout: 260 seconds]
18:03 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has joined #bitcoin-wizards
18:23 -!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards
18:55 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has quit [Remote host closed the connection]
18:59 -!- ratbanebo [~ratbanebo@ptr-fyxkxbvac0e76aynqvo.18120a2.ip6.access.telenet.be] has joined #bitcoin-wizards
19:01 -!- pro [~pro@unaffiliated/pro] has quit [Quit: Leaving]
19:03 -!- laurentmt [~Thunderbi@176.158.157.202] has quit [Quit: laurentmt]
19:15 -!- ratbanebo [~ratbanebo@ptr-fyxkxbvac0e76aynqvo.18120a2.ip6.access.telenet.be] has quit [Remote host closed the connection]
19:16 -!- ratbanebo [~ratbanebo@ptr-fyxkxbvac0e76aynqvo.18120a2.ip6.access.telenet.be] has joined #bitcoin-wizards
19:17 -!- Noldorin [~noldorin@unaffiliated/noldorin] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz...]
19:20 -!- ratbanebo [~ratbanebo@ptr-fyxkxbvac0e76aynqvo.18120a2.ip6.access.telenet.be] has quit [Ping timeout: 240 seconds]
19:30 -!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Quit: Leaving.]
19:31 -!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards
19:33 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has joined #bitcoin-wizards
19:35 -!- ratbanebo [~ratbanebo@ptr-fyxkxbx6ni3hlba3z1s.18120a2.ip6.access.telenet.be] has joined #bitcoin-wizards
19:36 -!- ratbanebo [~ratbanebo@ptr-fyxkxbx6ni3hlba3z1s.18120a2.ip6.access.telenet.be] has quit [Remote host closed the connection]
19:48 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has quit [Remote host closed the connection]
20:01 -!- talmai [~T@c-24-147-97-55.hsd1.ma.comcast.net] has joined #bitcoin-wizards
20:29 -!- ratbanebo [~ratbanebo@ptr-fyxkxbw11couz5dy1ez.18120a2.ip6.access.telenet.be] has joined #bitcoin-wizards
20:33 -!- ratbanebo [~ratbanebo@ptr-fyxkxbw11couz5dy1ez.18120a2.ip6.access.telenet.be] has quit [Ping timeout: 240 seconds]
20:45 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has joined #bitcoin-wizards
20:51 -!- d9b4bef9 [~d9b4bef9@207.38.86.239] has quit [Remote host closed the connection]
20:52 -!- d9b4bef9 [~d9b4bef9@207.38.86.239] has joined #bitcoin-wizards
20:52 -!- q4 [~q4@user-94-254-238-40.play-internet.pl] has joined #bitcoin-wizards
20:58 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has quit [Remote host closed the connection]
21:00 -!- legogris [~legogris@128.199.205.238] has quit [Remote host closed the connection]
21:00 -!- legogris [~legogris@128.199.205.238] has joined #bitcoin-wizards
21:22 -!- q4 [~q4@user-94-254-238-40.play-internet.pl] has quit [Ping timeout: 240 seconds]
21:39 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has joined #bitcoin-wizards
21:56 -!- TheSeven [~quassel@rockbox/developer/TheSeven] has quit [Disconnected by services]
21:56 -!- [7] [~quassel@rockbox/developer/TheSeven] has joined #bitcoin-wizards
22:18 -!- ratbanebo [~ratbanebo@ptr-fyxkxbts64su0qybe2t.18120a2.ip6.access.telenet.be] has joined #bitcoin-wizards
22:18 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has quit [Remote host closed the connection]
22:22 -!- ratbanebo [~ratbanebo@ptr-fyxkxbts64su0qybe2t.18120a2.ip6.access.telenet.be] has quit [Ping timeout: 240 seconds]
22:27 -!- oleganza [~oleganza@c-73-170-224-149.hsd1.ca.comcast.net] has joined #bitcoin-wizards
22:38 -!- Ylbam [uid99779@gateway/web/irccloud.com/x-bbinjwsyofogyeos] has joined #bitcoin-wizards
22:46 -!- RubenSomsen [~RubenSoms@5ED2CA1D.cm-7-3d.dynamic.ziggo.nl] has joined #bitcoin-wizards
22:49 -!- talmai [~T@c-24-147-97-55.hsd1.ma.comcast.net] has quit [Quit: mining]
22:56 -!- ratbanebo [~ratbanebo@78-23-23-157.access.telenet.be] has joined #bitcoin-wizards
22:59 -!- ratbanebo [~ratbanebo@78-23-23-157.access.telenet.be] has quit [Remote host closed the connection]
23:03 -!- moli_ [~molly@unaffiliated/molly] has quit [Read error: Connection reset by peer]
23:03 -!- moli_ [~molly@unaffiliated/molly] has joined #bitcoin-wizards
23:07 -!- moli_ [~molly@unaffiliated/molly] has quit [Read error: Connection reset by peer]
23:08 -!- moli_ [~molly@unaffiliated/molly] has joined #bitcoin-wizards
23:08 -!- ratbanebo [~ratbanebo@78-23-23-157.access.telenet.be] has joined #bitcoin-wizards
23:13 -!- moli_ [~molly@unaffiliated/molly] has quit [Ping timeout: 240 seconds]
23:13 -!- moli_ [~molly@unaffiliated/molly] has joined #bitcoin-wizards
23:19 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has joined #bitcoin-wizards
23:23 -!- tromp [~tromp@ool-944bc443.dyn.optonline.net] has quit [Ping timeout: 240 seconds]
23:32 -!- ratbanebo [~ratbanebo@78-23-23-157.access.telenet.be] has quit [Remote host closed the connection]
23:51 -!- ratbanebo [~ratbanebo@ptr-fyxkxbuqmi8ydnu2v4j.18120a2.ip6.access.telenet.be] has joined #bitcoin-wizards
23:52 -!- BashCo [~BashCo@unaffiliated/bashco] has quit [Ping timeout: 240 seconds]
--- Log closed Fri May 05 00:00:45 2017