diff --git a/PKEY2005.md b/PKEY2005.md index 55f7868..3bf0a37 100644 --- a/PKEY2005.md +++ b/PKEY2005.md @@ -192,7 +192,7 @@ struct DECODED_PKEY { Finally, the reference pairing value of $c = e_m(P, S)$ is stored in the public key rather than the points $P$ and $S$, most likely to reduce storage space and computation costs. -For Confirmation IDs, much of the details are similar, except $M$ is the Installation ID and $v = H_1(M)$ is its SHA-256 hash with an extra 1 appended at the beginning. Since $M$ is given directly, no tree search is needed. Instead, letting $h$ be the Confirmation ID with all check digits removed, $T = lift_x\left(h \bmod p\right)$. From here, the rest of the validation up until checking the pairing value is the same. +For Confirmation IDs, much of the details are similar, except $M$ is the Installation ID. The hash vector $v = H_1(M)$ is 33 elements long, with the first element $v_1 = 1$ and the other 32 elements being the SHA-256 hash of the version byte `0x01` followed by the UTF-16-LE encoded Installation ID with check digits. Since $M$ is given directly, no tree search is needed. Instead, letting $h$ be the Confirmation ID with all check digits removed, $T = lift_x\left(h \bmod p\right)$. From here, the rest of the validation up until checking the pairing value is the same. ## Practical Generation