Hi Sebastien,
I think it's available here:
https://chromium.googlesource.com/chromium/chromium/+/master/crypto/p224_spake.cc
https://chromium.googlesource.com/chromium/chromium/+/master/crypto/p224_spake.h

Thanks for the link. It clarifies a lot. The use of a text string as the seed makes it harder to tweak than the binary string, but still, at least in theory, there are endless possibilities for choosing the text string in different ways as the seed. Hence, there is an implied trust that the implementer didn't pre-compute the possibilities and choose one that gives the weakest. Note that this observation is purely theoretical. I don't mean practical attacks in any concrete terms.
_______________________________________________
Curves mailing list
https://moderncrypto.org/mailman/listinfo/curves
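
The trust gap discussed in this message, as an added example (not part of the original post and not Chromium's derivation code): a generic hash-and-increment derivation of a P-224 point from a text seed. The scheme and the seed strings are assumptions constructed for illustration. An auditor can confirm that a published point follows from its seed, but trivially different seeds give unrelated points, so that check says nothing about how the seed itself was picked.

```python
import hashlib

# NIST P-224: y^2 = x^3 - 3x + B over GF(P); cofactor 1, so any curve point is in the group.
P = 2**224 - 2**96 + 1
A = -3
B = 0xb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4

def on_curve(x, y):
    return (y * y - (x * x * x + A * x + B)) % P == 0

def sqrt_mod_p(n):
    """Tonelli-Shanks square root mod P; None if n is a non-residue."""
    n %= P
    if n == 0:
        return 0
    if pow(n, (P - 1) // 2, P) != 1:
        return None
    q, s = P - 1, 0
    while q % 2 == 0:
        q, s = q // 2, s + 1
    z = 2
    while pow(z, (P - 1) // 2, P) != P - 1:   # find any non-residue
        z += 1
    m, c, t, r = s, pow(z, q, P), pow(n, q, P), pow(n, (q + 1) // 2, P)
    while t != 1:
        i, t2 = 0, t
        while t2 != 1:
            t2, i = t2 * t2 % P, i + 1
        b = pow(c, 1 << (m - i - 1), P)
        m, c, t, r = i, b * b % P, t * b * b % P, r * b % P
    return r

def derive_point(seed):
    """Assumed scheme: x = SHA-256(seed || counter)[:28]; first x on the curve wins."""
    counter = 0
    while True:
        h = hashlib.sha256(seed.encode() + counter.to_bytes(4, "big")).digest()
        x = int.from_bytes(h[:28], "big")
        y = sqrt_mod_p(x * x * x + A * x + B) if x < P else None
        if y is not None:
            return counter, (x, min(y, P - y))   # canonical (smaller) root
        counter += 1

def verify_published(seed, point):
    """What an auditor can check: the point really follows from the seed."""
    return derive_point(seed)[1] == point

if __name__ == "__main__":
    # Constructed seeds differing only in case or a trailing space.
    for seed in ("example seed (M)", "example seed (M) ", "Example seed (M)"):
        print(repr(seed), derive_point(seed))
```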
