Hash to scalar?

[matthiasgeihs]

Summary

I would like to hash arbitrary byte strings to group scalars.

let msg = "Hello world!".as_bytes();
let h = ark_bn254::Fr::hash(msg);

Problem Definition

This is relevant for some cryptographic schemes in order to expand the message space to arbitrary byte strings (e.g., Catalano-Fiore vector commitments, page 8, footnote 8).

Proposal

Introduce an API for hashing bytes to scalars / prime field elements as described above.
(If this is already implemented, I would be happy to get a pointer into the right direction.)

---

For Admin Use

• Not duplicate issue
• Appropriate labels applied
• Appropriate contributors tagged
• Contributor assigned/self-assigned

[burdges]

Arkworks always provides try-n-increment, which always works but kinda sucks. You likely want #643 or at least its component 15fc1a5 I need to pull that PR into some smaller parts though.

[mmagician]

The question is actually about hashing into scalars @burdges, for which you don't need try-and-increment, that's for hashing to EC points.

@matthiasgeihs You can use the DefaultFieldHasher, see

algebra/ff/src/fields/field_hashers/mod.rs

Line 41 in 4152c41

pub struct DefaultFieldHasher<H: FixedOutputReset + Default + Clone, const SEC_PARAM: usize = 128> {

, there's also a doctest which serves as a good usage example.