--- Log opened Fri May 19 00:00:05 2023
02:05 -!- darosior [~darosior@194.36.189.246] has quit [Remote host closed the connection]
02:07 -!- darosior [~darosior@194.36.189.246] has joined #secp256k1
02:09 -!- siv2r [~siv2rmatr@2001:470:69fc:105::fed3] has quit [Remote host closed the connection]
02:25 -!- darosior [~darosior@194.36.189.246] has quit [Ping timeout: 256 seconds]
04:02 < elichai2> If I have a `secp256k1_gej` and I need to convert it to `secp256k1_ge` (say for hashing) and then I want to continue doing operations, does the performance matter if I use the "pre-conversion" jacobian point vs converting the affine one to a new jacobian point?
04:03 < sipa> It shouldn't matter.
04:03 < sipa> Performance of (X,Y,1) jacobian points should be identical to performance of (X,Y,Z) ones.
04:10 < elichai2> hmm makes sense, otherwise it would've been a side channel for the value of `Z` :)
04:10 < sipa> In theory, vartime functions could distinguish, but they don't.
04:10 < elichai2> (well, although there could be a gej_add_var or something like that)
04:10 < elichai2> sipa: :)
04:12 -!- darosior [~darosior@194.36.189.246] has joined #secp256k1
06:30 < andytoshi> it may be possible to delay the conversion back to gej though and use ge functtions
06:30 < andytoshi> which i believe is "the way to exploit Z = 1" in this library
06:30 < sipa> That'd be even better.
06:31 < sipa> But yes, exactly, if you know something will have Z=1, it shouldn't be a gej.
06:32 < andytoshi> if you're doing something new, you may need to/want to add new ge functions, which i think we'd accept alongside code that used it
06:37 < sipa> And if you're forced to convert to a gej still that likely means there is just no way to exploit Z=1 more than negligibly.
07:35 -!- preimage [~halosghos@user/halosghost] has joined #secp256k1
13:39 -!- strive [~strive@141.255.164.91] has joined #secp256k1
13:40 -!- strive [~strive@141.255.164.91] has quit [Client Quit]
14:45 -!- preimage [~halosghos@user/halosghost] has quit [Quit: WeeChat 3.8]
--- Log closed Sat May 20 00:00:06 2023