Skip to content
gionasoldati edited this page Oct 2, 2018 · 21 revisions

Nomenclature

The aim of this section is to establish a common nomenclature to be used among the members of the institute. Our aim is to create a logic and self-consistent nomenclature to help learning.

  1. Prime numbers: the lowercase letter p should represent an odd prime number;
  2. Fields: for a general field the letter K should be used, while the finite field of order q = p^k, where p is an odd prime and k an integer, should be represented as F_q. For a fixed order q, the finite field F_q is unique up to isomorphism, i.e. the same field admits different representations. When dealing with F_p we can use the isomorphism with the set of natural numbers modulo p (Z_p);
  3. Elliptic curves: in general an elliptic curve is denoted by E(K), which represents the set of points satisfying the generalized Weierstrass equation plus the point at infinity. For what concerns our purposes K will always be a prime finite field (F_p). In this case we can define an elliptic curve entirely through the so called elliptic curve domain parameters: T = (a, b, p, G, n, h).
    1. a and b defines the weierstrass equation y^2 = x^3 + ax + b;
    2. p determines the finite field over which the curve is defined E(F_p): y^2 = x^3 + ax + b (mod p);
    3. G is a generator of a cyclic subgroup of E(F_p);
    4. n is the order of the cyclic subgroup determined by G;
    5. h is the so called cofactor, computed as h = |E(F_p)| / n.

Lowercase letters are used to denote scalars, while the uppercase equivalent denotes the linked EC point, e.g. cG = C = (x_C, y_C). The coordinates of an EC point should be represented as in the previous example; 4. Elliptic curves' key pair: the pair of private and public key should be denoted as (q, Q). If more pairs are needed subscripts should be used; 5. Signature algorithms (ECDSA and Schnorr): || denotes concatenation of bytes string, the conversion functions should be written extensively (hash(), bytes(), int(), etc.), the cryptographically secure nonce should be denoted by k and the equivalent EC point with K = (x_K, y_K);

Clone this wiki locally