[Ach] djb on timing weaknesses of ECDSA implementations (& how to design EC signature systems)

Aaron Zauner azet at azet.org
Sun Mar 23 21:09:02 CET 2014

ianG wrote:
> On 23/03/2014 14:45 pm, Aaron Zauner wrote:
>> interesting: http://blog.cr.yp.to/20140323-ecdsa.html
> On deprecating DSA, he says:
> [...]
Yeah. that's one of the best parts of the blog post, I also really like
how he explains the inner workings of EC and signature algorithms.
Professor Bernstein makes a solid point to depreciate everything thats
DSA. Basically I guess DSA would be O.K. to some extent and for some use
cases, but DSS is just a complete bullshit standard, just take a look at
it. That's also why we've removed DSA host keys in our recommendations.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20140323/5768a59f/attachment.sig>

More information about the Ach mailing list