[Ach] choosing safe curves for elliptic-curve cryptography
ianG
iang at iang.org
Mon May 12 16:39:05 CEST 2014
On 12/05/2014 13:27 pm, Aaron Zauner wrote:
> Hi Bernd
>
> On 05/12/2014 12:07 PM, Kohler, Bernd wrote:
>> Hi @ all,
>>
>> Together with Tanja Lange, Daniel J. Bernstein (aka djb) dropped some notes
>> about " choosing safe curves for elliptic-curve cryptography" on webpage [1]
>> (found via [2]).
>>
>> AS I didn't find any hints, about this webpage here, I forwarded this FYI
> Reference to their project has been in our Paper since almost from the
> beginning (see theory sections - ECC).
> Discussion here on this list hasn't shifted to that topic for a whole
> though.
The issue of safe curves is at the wrong layer for the BetterCrypto
paper -- choosing safe curves should be done by the developer, and
should be fixed in the code. There shouldn't be any choice available to
the application admin.
(A few biases showing through here of course:
http://iang.org/ssl/h1_the_one_true_cipher_suite.html
which speaks to the developer... )
iang
More information about the Ach
mailing list