On Fri, Sep 6, 2013 at 11:47 AM, James A. Donald <jam...@echeque.com> wrote:
> Time to generate and select new elliptic curves by an open process, > wherein any large random quantities are chosen by a non secret process, > such as searching for the appropriate value nearest a round number. > There are curves not selected by e.g. NIST with a published rationale for their selection, like Curve25519. Is there any reason why such curves can't be evaluated retroactively? http://cr.yp.to/ecdh/curve25519-20060209.pdf See in particular Theorem 2.1. -- Tony Arcieri
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
