Elligator script: alternate way to co-clear

author Loup Vaillant <loup@loup-vaillant.fr>

Mon, 23 Mar 2020 15:36:27 +0000 (16:36 +0100)

committer Loup Vaillant <loup@loup-vaillant.fr>

Mon, 23 Mar 2020 15:36:27 +0000 (16:36 +0100)
author Loup Vaillant <loup@loup-vaillant.fr>
Mon, 23 Mar 2020 15:36:27 +0000 (16:36 +0100)
committer Loup Vaillant <loup@loup-vaillant.fr>
Mon, 23 Mar 2020 15:36:27 +0000 (16:36 +0100)
diff --git a/tests/gen/elligator_scalarmult.py b/tests/gen/elligator_scalarmult.py

index 24f45438eaa047941b7ea6c029b06b113a85baf5..2ee08604de79c254140be0e5ddd32f4c285ed96a 100644 (file)
--- a/tests/gen/elligator_scalarmult.py
+++ b/tests/gen/elligator_scalarmult.py
@@ -184,13 +184,13 @@ order = 2**252 + 27742317777372353535851937790883648493
  
  # Single scalar multiplication (in Edwards space)
  def scalarmult1(scalar, cofactor):
-    co_cleared = cofactor * (5 * order)  # cleared main factor
+    co_cleared = ((cofactor * 5) % 8) * order  # cleared main factor
      combined   = trim(scalar) + co_cleared
      return from_edwards(ed_scalarmult(ed_base, combined))
  
  # Single scalar multiplication (in Montgomery space)
  def scalarmult2(scalar, cofactor):
-    co_cleared = cofactor * (5 * order) # cleared main factor
+    co_cleared = ((cofactor * 5) % 8) * order  # cleared main factor
      combined   = trim(scalar) + co_cleared
      return mt_scalarmult(mt_base, combined)
author	Loup Vaillant <loup@loup-vaillant.fr>
	Mon, 23 Mar 2020 15:36:27 +0000 (16:36 +0100)
committer	Loup Vaillant <loup@loup-vaillant.fr>
	Mon, 23 Mar 2020 15:36:27 +0000 (16:36 +0100)