Support other curves #13
Comments
PR #43 added support for building with any curve supported by AMCL. However, we still need to get AMCL support for the TPM BN256 curve.
PR #53 adds support for the TPM 256-bit curve (previously called "BN256" here, but AMCL calls it "FP256BN" and FIDO and the TPM spec call it "TPM_ECC_BN_P256"). However, there appears to be an issue comparing G2 points between AMCL and FIDO (which uses IAIK). Until that is resolved, and we are able to fully test against the FIDO reference implementation, this issue will remain open.
We're now using a more up-to-date specification than the FIDO reference implementation. So, for now at least, resolving this comparison issue isn't feasible. Using Xaptum's long-standing use of this implementation, with FP256BN, as justification, I'm closing this issue. A separate issue, advocating the creation of test vectors (somehow, considering we don't have any other implementation), can be opened at another time.
Currently, we only support `BN254`. AMCL supports two other curves, and its namespacing allows using different functions for different curves.

Our most pressing concern is to support the 256-bit Barreto-Naehrig curve implemented in TPM2.0 and used by FIDO (so we can test against their implementation).
AMCL supports defining other curves, so let's add that 256-bit BN TPM curve.
The easiest path would be to adopt AMCL's convention, and use namespacing to distinguish our functions that use different curves (e.g. `ecdaa_signature_BN256TPM_sign`).