--- Day changed Mon Nov 09 2015
02:25 -!- jtimon [~quassel@74.29.134.37.dynamic.jazztel.es] has quit [Read error: Connection reset by peer]
--- Log closed Mon Nov 09 02:34:01 2015
--- Log opened Mon Nov 09 03:41:39 2015
03:41 -!- kanzure [~kanzure@unaffiliated/kanzure] has joined #secp256k1
03:41 -!- Irssi: #secp256k1: Total of 21 nicks [1 ops, 0 halfops, 0 voices, 20 normal]
03:50 -!- Irssi: Join to #secp256k1 was synced in 585 secs
04:22 -!- GAit [~GAit@2-228-102-98.ip191.fastwebnet.it] has quit [Quit: Leaving.]
04:51 -!- GAit [~GAit@2-228-102-98.ip191.fastwebnet.it] has joined #secp256k1
06:05 -!- GAit [~GAit@2-228-102-98.ip191.fastwebnet.it] has quit [Quit: Leaving.]
06:08 -!- GAit [~GAit@2-228-102-98.ip191.fastwebnet.it] has joined #secp256k1
06:57 -!- waxwing [~waxwing@62.205.214.125] has quit [Read error: Connection reset by peer]
07:02 -!- waxwing [~waxwing@62.205.214.125] has joined #secp256k1
07:06 -!- GAit [~GAit@2-228-102-98.ip191.fastwebnet.it] has quit [Quit: Leaving.]
07:10 -!- GAit [~GAit@2-228-102-98.ip191.fastwebnet.it] has joined #secp256k1
08:41 -!- GAit [~GAit@2-228-102-98.ip191.fastwebnet.it] has quit [Quit: Leaving.]
08:43 -!- GAit [~GAit@2-228-102-98.ip191.fastwebnet.it] has joined #secp256k1
08:54 -!- GAit [~GAit@2-228-102-98.ip191.fastwebnet.it] has quit [Quit: Leaving.]
09:37 <@andytoshi> you may be interested to know that the NUMS x-value in ecmult_gen_impl.h:52 also gives rise to a point in the group of order 199
09:50 <@andytoshi> i've exhaustively tested ecdsa_sign on the 199-element group!
10:04 -!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has joined #secp256k1
10:20 <@andytoshi> this takes 8 and a half minutes on my system.
10:20 -!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has quit [Read error: Connection reset by peer]
10:20 -!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has joined #secp256k1
11:33 < gmaxwell> andytoshi: my only thought remains,--- "199 is prime?"
12:49 <@andytoshi> hehe, it's one of those composite-shaped primes .. base 10 has a lot of those
12:50 < waxwing> 91 is the lowest prime-shaped composite
12:54 <@andytoshi> waxwing: hahaha
13:03 -!- evoskuil [~evoskuil@c-73-225-134-208.hsd1.wa.comcast.net] has quit [Read error: Connection reset by peer]
13:05 < gmaxwell> andytoshi: does your sign test prove the zero knowledgeness of the signature too?
13:09 -!- evoskuil [~evoskuil@c-73-225-134-208.hsd1.wa.comcast.net] has joined #secp256k1
13:39 <@andytoshi> gmaxwell: not yet, no
14:35 -!- sipa [~pw@2a02:348:86:3011::1] has joined #secp256k1
15:08 -!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has quit [Quit: Leaving.]
15:39 -!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has joined #secp256k1
15:41 -!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has quit [Client Quit]
15:41 -!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has joined #secp256k1
15:50 -!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has quit [Quit: Leaving.]
16:31 -!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has joined #secp256k1
17:08 -!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has quit [Quit: Leaving.]
17:16 -!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has joined #secp256k1
17:16 -!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has quit [Client Quit]
21:00 <@andytoshi> gmaxwell: so, ECDSA is not really zero knowledge on groups of this size ... if you reject R values that overflow the group order (as in the protocol) then there are no signatures, but if you wrap them (like I'm doing) then some R values are more probable than others
21:01 <@andytoshi> now, the curve y^2 = x^3 + 12 over Z/271Z has a group of order 271, so if i can do a low-order field implementation (i haven't looked at how hard this is yet) then i can solve this
21:01 <@andytoshi> (that is, the group order and modulus are one and the same, so i don't have to worry about overflow)
22:06 < gmaxwell> andytoshi: hm, I wouldn't have wrapped; I would truncate bits until it's < 1 bit larger, and then reject.
22:46 -!- fkhan [weechat@gateway/vpn/mullvad/x-urggymssigpspxaw] has quit [Ping timeout: 260 seconds]
23:13 -!- fkhan [weechat@gateway/vpn/mullvad/x-aopqxjyqxklngfzi] has joined #secp256k1