
Insecure hashing in bn256/sign method

Open nikkolasg opened this issue 6 years ago • 3 comments

The method to hash a message to a point is insecure (`m -> scalar s -> s * G`), as no easy method is provided by the Go or CF packages, and because of time pressure. We should try to implement a correct method, maybe by following the ideas in this paper https://www.di.ens.fr/~fouque/pub/latincrypt12.pdf . Although that will probably require forking off Go's or CF's package in order to access the lower-level methods.

nikkolasg · Feb 04 '19 16:02
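
An added example, not code from the handel repository and not the encoding from the linked paper: hashing a message to a G1 point by try-and-increment, so that nobody knows the point's discrete log relative to `G`, unlike with `s * G`. It uses only `math/big`; the name `HashToG1`, the SHA-512 counter construction and the curve constants (the base field prime of golang.org/x/crypto/bn256 and the curve `y^2 = x^3 + 3`) are assumptions.

```go
package main

import (
	"crypto/sha512"
	"errors"
	"fmt"
	"math/big"
)

// p = 36u^4+36u^3+24u^2+6u+1 with u = 1868033^3: the base field prime of
// golang.org/x/crypto/bn256 (assumed to match the package in use).
var p = func() *big.Int {
	u := new(big.Int).Exp(big.NewInt(1868033), big.NewInt(3), nil)
	r := new(big.Int)
	for _, c := range []int64{36, 36, 24, 6, 1} { // Horner evaluation
		r.Add(r.Mul(r, u), big.NewInt(c))
	}
	return r
}()

// OnCurve reports whether (x, y) satisfies y^2 = x^3 + 3 over F_p.
func OnCurve(x, y *big.Int) bool {
	d := new(big.Int).Exp(x, big.NewInt(3), nil)
	d.Add(d, big.NewInt(3)).Sub(d, new(big.Int).Mul(y, y))
	return d.Mod(d, p).Sign() == 0
}

// HashToG1 (hypothetical name) maps msg to a curve point; G1 has cofactor 1,
// so any curve point is in G1. Not constant time: iterations depend on msg.
func HashToG1(msg []byte) (*big.Int, *big.Int, error) {
	for i := 0; i < 256; i++ {
		h := sha512.Sum512(append([]byte{byte(i)}, msg...)) // counter || msg
		x := new(big.Int).Mod(new(big.Int).SetBytes(h[1:]), p) // 504 bits: negligible bias
		rhs := new(big.Int).Exp(x, big.NewInt(3), p)
		rhs.Add(rhs, big.NewInt(3)).Mod(rhs, p)
		if y := new(big.Int).ModSqrt(rhs, p); y != nil {
			if y.Bit(0) != uint(h[0]&1) { // choose the root from a spare hash bit
				y.Mod(y.Sub(p, y), p)
			}
			return x, y, nil
		} // otherwise x^3 + 3 is a non-residue: try the next counter
	}
	return nil, nil, errors.New("no curve point found in 256 tries")
}

func main() {
	x, y, err := HashToG1([]byte("constructed sample message"))
	fmt.Println(x, y, err)
}
```

Because the loop count depends on the message, this variant suits public messages only; a constant-time encoding such as the one in the linked paper avoids that timing dependence.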