Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Formal methods #331

Open
spitters opened this issue Dec 9, 2021 · 8 comments
Open

Formal methods #331

spitters opened this issue Dec 9, 2021 · 8 comments

Comments

@spitters
Copy link
Contributor

spitters commented Dec 9, 2021
edited
Loading

We describe our approach to formal methods here:
cfrg/draft-irtf-cfrg-bls-signature#47

A hacspec specification of the slow algorithm for hashing to curve is now available here.

Any suggestions on how to best interact with the standardization process would be welcome.
@chris-wood
Copy link
Collaborator

chris-wood commented Dec 9, 2021
edited
Loading

Thanks for filing this issue! This draft previously had hacspec specifications of some algorithms, back before hacspec moved to Rust. We abandoned this and reverted to the current algorithm descriptions and formulations since hacspec didn't appear to be well maintained at the time. Has that changed? Perhaps @franziskuskiefer knows the latest here.

@franziskuskiefer
Copy link

Right there has been some downtime after abandoning the Python version.
The new (Rust) hacspec is well and alive and I hope we can keep it that way.
@spitters and his team is actively using it with the coq backend and we are using it as frontend for more and more for F* things.

For the hacspec specification @spitters links we have an open PR hacspec/hacspec#200
I'd appreciate a review of the PR with respect to correctness of the spec. Some feedback would also be interesting in terms of esthetics, e.g. is the code readable for someone unfamiliar with hacspec etc.

@spitters
Copy link
Contributor Author

spitters commented Dec 9, 2021

I see that @Kasserne has meanwhile also implemented the optimized algorithm 🎉
Indeed, it would be great to get feedback on how faithful hacspec is wrt the informal specification in the standard.

@chris-wood
Copy link
Collaborator

@spitters we can review the hacspec implementation. @franziskuskiefer, is there interest in hacspec implementations of the other algorithms in this spec?

@spitters
Copy link
Contributor Author

spitters commented Dec 9, 2021

I think there is, we'd like to experiment with testing efficient implementations against the spec.

@chris-wood
Copy link
Collaborator

@spitters how should we go about adding them? Would one of us send PRs to hacspec, for example?

@spitters
Copy link
Contributor Author

spitters commented Dec 9, 2021

Yes, a PR to hacspec seems like the canonical way. Feel free to come and discuss with us on the hacspec zulip.

@franziskuskiefer
Copy link

@franziskuskiefer, is there interest in hacspec implementations of the other algorithms in this spec?

There certainly is :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@spitters @franziskuskiefer @chris-wood