I actually have code for this based on PARI’s early aborts, and I used it to generate a cert for Ed448-Goldilocks that it uses the smallest d. But my cert generation code is a huge mess. Hopefully Jean-Pierre Flori’s work is cleaner.
> On Jun 12, 2015, at 9:53 AM, David Leon Gil <[email protected]> wrote: > > As a quick note, I think that the more significant aspect of Flori's work is > that he appears to have code that can output efficiently verifiable > certificates for curves with the wrong cofactor. > > (I have tried to get the necessary output from PARI's SEA early-aborts, based > on some code of Mike's, but have mainly succeeded in causing segfaults > because of PARI's rather obtuse stack-based garbage collection.) > > - David > On Fri, Jun 12, 2015 at 5:30 AM William Whyte <[email protected] > <mailto:[email protected]>> wrote: > http://eprint.iacr.org/2014/832 <http://eprint.iacr.org/2014/832> > > > From: Brian Smith [mailto:[email protected] <mailto:[email protected]>] > Sent: Friday, June 12, 2015 5:28 AM > To: William Whyte > Cc: Michael Hamburg; Trevor Perrin; Watson Ladd; [email protected] > <mailto:[email protected]> > > Subject: Re: [curves] Review of NIST workshop > > > > > On Thu, Jun 11, 2015 at 11:18 PM, William Whyte > <[email protected] <mailto:[email protected]>> wrote: > > There is also significant pressure from BSI against > ed25519, which doesn't directly affect the US OEMs but which does muddy the > waters about which curve actually is technically superior. > > > Where can we read more about BSI's position regarding ed25519? > > > Thanks, > > Brian > > _______________________________________________ > Curves mailing list > [email protected] <mailto:[email protected]> > https://moderncrypto.org/mailman/listinfo/curves > <https://moderncrypto.org/mailman/listinfo/curves> > _______________________________________________ > Curves mailing list > [email protected] > https://moderncrypto.org/mailman/listinfo/curves
_______________________________________________ Curves mailing list [email protected] https://moderncrypto.org/mailman/listinfo/curves
