----- Forwarded message from Tony Arcieri <[email protected]> ----- Date: Fri, 6 Sep 2013 13:21:21 -0700 From: Tony Arcieri <[email protected]> To: [email protected] Cc: Randombit List <[email protected]> Subject: Re: [cryptography] regarding the NSA crypto "breakthrough"
On Fri, Sep 6, 2013 at 11:47 AM, James A. Donald <[email protected]> wrote: > Time to generate and select new elliptic curves by an open process, > wherein any large random quantities are chosen by a non secret process, > such as searching for the appropriate value nearest a round number. > There are curves not selected by e.g. NIST with a published rationale for their selection, like Curve25519. Is there any reason why such curves can't be evaluated retroactively? http://cr.yp.to/ecdh/curve25519-20060209.pdf See in particular Theorem 2.1. -- Tony Arcieri _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org";>leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
