On 28 February 2014 17:07, Paddy <stonecold...@gmail.com> wrote: >>>On 20 December 2013 09:09, Patrick McCorry <[hidden email]> wrote: >>>> Thanks Guys, >>>> >>>> At the moment I'm trying to distinguish if n > p, as the x co-ordinate >>>> does not wrap around n (so x = r >>in all cases) - to verify if this is >>>> always the case >>>> >>> >>>n can be greater than p, e.g. see the definition of secp112r1 in >>>http://www.secg.org/collateral/sec2_final.pdf: >>>p = DB7C 2ABF62E3 5E668076 BEAD208B >>>n = DB7C 2ABF62E3 5E7628DF AC6561C5 >>> >>>Or n can be less than p, e.g. see the definition of secp112r2 >>>p = DB7C 2ABF62E3 5E668076 BEAD208B >>>n = 36DF 0AAFD8B8 D7597CA1 0520D04B >>> >>>Matt > > My understanding is that k . G = (x,y) > > And under the hood, 0 <= x <= p and 0 <= y <= p. > > Then the next step I believe is r = x mod n and NOT r = x mod p
Correct > > So in this case, because p > n - then x will wrap around the modulus from > time to time? > As per my previous answer p may be greater than n or it may not be. It depends on the curve. *If* p is greater than n, then yes, x may also be greater than n from time to time. Matt ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
