[PYTHON-CRYPTO] purpose of list

[Eric Johnson]

>> For the readability ... I'm overloading basic operators (+, -, etc.)
>> to work on finite fields of a variety of types.  The original goal
>> was to make an easy to read ECC implementation.
>
>I take it you're using + for the ECC group operation, rather than *. A
>reasonable argument can be made for making it *, because when people stare
>at lots of code using + they naturally think there's a corresponding *,
>which in the case of ECC there isn't. Are you also going to overload
>multiplication by scalars? That's another example of where multiplication
>as the group operator is clearer - 3 * x and x * 3 look like they should
>be the same thing, although 3 * x is confusing when you're not in a field,
>while x ** 3 is quiet understandable.

Conventionally mathematicians use + for Abelian groups and * for
non-Abelian
groups. So I think a mathematician would expect
     3 + x  =  x + 3
but
     3 * x  !=  x * 3

I think the only benefit in using multiplicative notation is that you can
make
DH and the like look more like the discrete log case and so aid
understanding.

I used to think that overloading operators was a good thing and once did
C++
code that could do a Euclidean gcd algorithm on polynomials with overloaded
+ and * operators.

However, I know think it is a terrible thing and leads to more confusion
and
a loss of clarity.
It is very tempting to write x ** 3 to when x is a point on the curve but
we're going to have x1 ** 3 in other places where x1 is an integer and we
can never be quite sure of the semantics of the operators whereas a method
name can be better.
The other problem one encounters is how to overload * when working in both
Zq* and Zp* -- just which field are we using?
In ECC systems with more than one curve which one is associated with the *
operator?

Please, please don't do it.

Eric