Show Idle (>14 d.) Chans

← 2021-05-28 | 2021-05-30 →
anotheruser: Guten abend
anotheruser: dorion: I see that you responded via the logs. In regards to your question about counterpoint, I can tell you that if one moves from a perfect consonance to another perfect consonance one must proceed in contrary or oblique motion. However, you already know this.
anotheruser: dorion: I am running across a new problem while using FL Studio, which is that it is very difficult to view notated music, indeed, it is not possible; it only displays midi notes, and thus has me considering changing to a different DAW called Cubase.
anotheruser: dorion: What is new with you? What new problems are you solving up there?
whaack: jfw: I'm attempting to write a basic ecdsa signing tool in order to "fully grasp" how the ECDSA works. I've tried to be honest with myself, making sure that I'm not cutting too many corners and at least have a decent understanding of all the proofs and lemmas that back ecdsa. But I've hit what appears to be a bring wall, something above my pay grade. The problem is that from what I understand so
whaack: far, to be convinced the generator point G for a curve generates all the points on the curve, I need to be assured that there are a prime number of points on the curve over its finite field (+ the additive identity point at infinity). The problem is that it looks like I'm going to have to grok this proof (plz excuse the derpapedia
whaack: link) in order to convince myself that there are a prime number of points on the curve for secp256k1
whaack: brick* wall
whaack: jfw: When you wrote your signing algo for gbw-node, did you work through the various proofs re ecdsa, and did you come accross this one? (The link is an algo, but the 'proof' would be running the algorithm and being convinced that secp256k1 has a prime number of points) Do you have a suggestion as to where I should begin? Should I work through some math texts? Do you think I should give up / put
whaack: aside for later the task of grokking ecdsa?
jfw: whaack: either you're going deeper on the math than I did, or you're falling into the depths for not having enough grasp of the surface, I can't quite tell.
whaack: Maybe simultaneously going deeper in some areas and having less of a grasp on the surface.
jfw: Mainly what I worked through was satisfying myself that my code implemented the specs, not that the specs are correct / secure / whatever
jfw: far as I understand there is no security proof of the sort one would like, though certain properties can at least be observed, clarifying the assumptions it rests on and that sort of thing.
jfw: why does there need to be a prime number of points? if I'm recalling my basics now, the generator generates all points on the curve by definition
jfw: ah, it would be possible to choose a generator that doesn't cover all points that pass the "on the curve" test, indeed.
jfw: (if it's not prime.)
whaack: right, so how can one be convinced that the generator for a curve is generating all the points, without enumerating all the points
jfw: and if it didn't generate all the points, there'd be fewer bits in the key space than advertised, I suppose.
whaack: correct
whaack: (I also haven't grasped why a prime number of points on the curve means that every point is a generator)
whaack: I'm playing around with the curve y^2 = x^3 + 7 mod 17 , which has 18 points, and most points are not generators and (15,13) is the only generator I know of
jfw: there's a couple magic-looking numbers in the secp256k1 parameters, though the generator looks the most magical indeed
jfw: a simpler kind of group to play with might be modular multiplication
jfw: with a prime modulus, you should find that the powers of any element will generate the whole group, whereas not so if composite (possibly only its coprimes will)
whaack: jfw: I don't think that's exactly sec
jfw: myeah, certainly powers of 1 aren't generating anything
whaack: jfw: that, but I was referring to also perfect squares
whaack: take the powers of "4" mod 7 for example
jfw: right, hmm.
whaack: 4, 9, 16, all of those will give you problems. But there are also other numbers that don't appear to be perfect squares but are when you are referring to GF(p)
jfw: what can I say, three years ago I think I could have given the correct example but that part of the brain has perhaps rusted.
whaack: (for the logs, an example of a not-so-obvoius perfect square mod P is 5 mod 11, 5 is (7 ** 2) % 11, and therefore you cannot generate all the values in GF(11) simply by taking powers of 5
jfw: to the higher question though, I can't really say what's best for you but if you find this interesting then it makes sense to me to get to the bottom of it, especially if you do the same for RSA and compare what you find.
jfw: just don't get caught in the "go away with your silly demands that the rent be paid, can't you see I'm doing Important Maffs?" trap with it.
whaack: ah forget it then, avoiding my irl concerns by replacing them with math problems was half the point!
whaack: jfw: joking aside, that advice is important, thank you. Maybe I'll try to dedicate a copule of hours each week to a text on group/ring/field theory, and work my way up from there.
jfw: heh, sounds good. 'modern algebra' is possibly the umbrella term there, with a side of 'number theory'
← 2021-05-28 | 2021-05-30 →