--- Log opened Fri Jun 14 00:00:41 2019
06:59 -!- elichai2 [uid212594@gateway/web/irccloud.com/x-zcvtlcjqhwmrotma] has joined #secp256k1
07:18 < roconnor> If you are going insist on using additive notation, I'm gonna insist you call it a discrete division protocols.  Did I get that right?
07:20 < sipa> roconnor: i think it should be elliptic curve division if you want tonget pedantic
07:23 < real_or_random> elichai2: I hope it didn't look like we're seriously angry about notation. :)
07:24 < roconnor> Fair enough.  But when I read *additive* notation together with discrete *log* problem, I just assumed Oleg was making a joke. :D
07:24 < elichai2> real_or_random: there was someone on twitter saying something like "if you prefer additive notation this means you learned cryptography from the internet and you shouldn't do it" :/
07:24 < sipa> elichai2: i don't need to look to know who said that :)
07:25 < real_or_random> I remember this (and I honestly don't remember who said it). yes that was somewhat harsh ^^
07:25 < elichai2> real_or_random: btw, had a fun morning seeing your suggestion lol, were you serious? (replacing the OpenSSL in tests)
07:25 < sipa> real_or_random: do you really not remember? i'm sure you can guess :)
07:25 < elichai2> yep haha, in the end it it's just notation, people should calm down haha
07:26 < real_or_random> sipa: no I don't and I can't find of a guess. but let me search for that,  now I'm curious
07:26 < sipa> i agree with the first part though; i think your preference for group notation is correlated to whether you were tought cryptographic at university
07:26 < real_or_random> *think of a guess
07:27 < elichai2> sipa: yeah, but I really don't think that the university is the only place when you can learn cryptography properly
07:27 < sipa> elichai2: as someone who didn't, i obviously agree
07:27 < real_or_random> elichai2: yes, I was serious. I mean, gmaxwell was talking about a simple, non-production implementation of ecdsa. it does not mean that it needs to replace the openssl tests but crosstesting to another implemenation could be interesting
07:28 < sipa> real_or_random: bitcoin core has ecdsa tests in python now
07:28 < real_or_random> in particular if it implements schnorr and other stuff too
07:28 < sipa> maybe we can test against something like that
07:28 < elichai2> the only thing  missing in my schnorr implementation is the jacobi symbol
07:29 < real_or_random> okay I can't find that on twitter, please tell me lol
07:29 < elichai2> (and on my side I'm already testing against rust-secp256k1 which is secp256k1)
07:30 < elichai2> real_or_random: how bad will it be to add rust to the tests toolchain?
07:31 < elichai2> (i'm still talking only in theory, it might be a good way for me to get familiar with secp256k1 tests even if the PR won't be merged in the end)
07:31 < real_or_random> no idea, but may be easier than python
07:31 < sipa> i don't know what how big of a logistic issue that is, but cfields was looking into doing it for bitcoin core
07:32 < sipa> (build integration with rust)
07:32 < real_or_random> I mean... you could for example export your rust implementations to be usable in c and then the tests could link to it, like they link to openssl
07:32 < sipa> i think python is far easier, as it's just a runtime dependency, not a build system thing
07:32 < real_or_random> right, in that sense python is much easier.
07:33 < elichai2> real_or_random: yeah of course i'll need to write a rust-c bindings so it could be compiled into an a/so file and the tests could stay in C
07:33 < sipa> but i also know no rust
07:33 < real_or_random> I'm just saying it's not absurd. on the other hand -- if you're already cross-testing against rust-secp256k1, that has the same effect already now
07:34 < elichai2> I'll try to write that just for the fun of it and if it will be merged in the end than even better :)
07:34 < sipa> actually python has the disadvantage that we'd need to expose internal functions to be testable from python
07:34 < elichai2> I hope i'll have time for it this weekend(i'm in the chaincode residency now so already have ton of work lol)
07:34 < sipa> because calling python from c sounds like here be dragons
07:34 < elichai2> sipa: yep. rust and C are easily interchangeable
07:34 < sipa> yeah
07:35 < sipa> elichai2: how long is the residency?
07:35 < sipa> 3 months?
07:35 < elichai2> hmm the learning part is 3 weeks. after that there's a 2 month project. so yeah ~3 months overall
07:36 < sipa> hmm, but what we compare with ecdsa is just ecdsa_verify
07:36 < sipa> so nothing low-level at all; this could perfectly be done from a python program
07:41 -!- wallet42 [sid154231@gateway/web/irccloud.com/x-qlchifbqpgoytbey] has joined #secp256k1
07:41 < elichai2> real_or_random: https://twitter.com/secparam/status/1132801016439758848
07:42 < elichai2> sipa: now I'm curious, may I ask how you learned/got into cryptography?
07:42 < real_or_random> kk
08:19 < sipa> elichai2: eh, i still think i didn't
08:20 < sipa> mostly by reading source code, some things on stackexchange and wikipedia, and talking to people
08:35 < elichai2> Interesting, it's very encouraging to see that someone could become a respectable person in that subject without having a formal degree in cryptography :)
11:31 -!- ddustin [~ddustin@unaffiliated/ddustin] has joined #secp256k1
11:38 -!- ddustin [~ddustin@unaffiliated/ddustin] has quit [Remote host closed the connection]
11:59 < nickler> wrt python vs rust crosstesting it would be better if the test implementation was fast and therefore a build system thing
11:59 < cfields> sipa: I'd be happy to hook up the machinery if you're interested.
11:59 < nickler> It allows fuzzing-for-difference which has found crypto bugs in the past
11:59 < cfields> it's much easy with libsecp256k1 without all of the other dependencies.
12:13 < elichai2> nickler: i'll probably work on a PR this weekend, so we could then see how viable is this
12:13 < elichai2> (after I implement the Jacobi symbol in my rust code)
16:28 -!- elichai2 [uid212594@gateway/web/irccloud.com/x-zcvtlcjqhwmrotma] has quit [Quit: Connection closed for inactivity]
23:27 -!- Netsplit *.net <-> *.split quits: midnightmagic
23:27 -!- Netsplit *.net <-> *.split quits: kallewoof
23:37 -!- Netsplit over, joins: midnightmagic
23:38 -!- Netsplit over, joins: kallewoof
--- Log closed Sat Jun 15 00:00:45 2019