If you want to convince Curve25519 implementations to switch to ignoring the last bit, convincing the NaCl authors is really important. I expect most libraries to value compatibility with NaCl more highly than the advantages of an ignored bit. My impression is that where NaCl leads the other implementations follow.
So I think you should contact the NaCl authors. Since the most recent version of SUPERCOP switched to ignoring the bit, they might have already made this change to the upcoming NaCl version (Last December they said that NaCl will probably be updated in 2014) https://github.com/jedisct1/libsodium/issues/147 _______________________________________________ Curves mailing list [email protected] https://moderncrypto.org/mailman/listinfo/curves
