Group Order() function signature oddity

[chris-wood]

@bwesterb points out that this prototype is somewhat strange:

type Group interface {
...
	Order() Scalar
...
}

Since Scalars are integers between 0 and q-1, the output of this function should be zero! Perhaps this just needs to be a big.Int, instead?

@armfazh, what do you think?

[armfazh]

About returning big.Int: I think returning this type motivates users to perform scalar operations using big.Int, which is not desirable, instead we are already providing Scalar arithmetic operations.

I think the q = Order() function is merely for informational purposes, and not to perform any operation modulo q. or maybe returning another type be the option.

[chris-wood]

I think the q = Order() function is merely for informational purposes, and not to perform any operation modulo q. or maybe returning another type be the option.

I think you may have misunderstood the comment. In the example snippet you wrote -- q = Order() -- q would be 0. That's not very useful, or informational. If we're going to expose an interface that returns the order of the group, then I think we should actually return the order of the group.

[bwesterb]

I do agree with @armfazh that big.Int isn't great for cryptographic purposes due to timing attacks.

[chris-wood]

I do agree with @armfazh that big.Int isn't great for cryptographic purposes due to timing attacks.

That's fair. I think a reasonable thing to do here is to just remove this function from the interface altogether. It's not needed.