Simon Josefsson <si...@josefsson.org> writes:

>> * SNTRUP761_CIPHERTEXT_SIZE: Probably right, even though I'm a bit
>>   confused by the "ciphertext" terminology when there's no
>>   corresponding plaintext.
>
> Yeah... I think this is actually an area that could do more work, since
> the output is combined but maybe some consumers could want to split it
> up. This could be fixed later, and there may be good reasons to NOT
> expose that internal structure. The terminology is a bit unclear if the
> key is included in ciphertext or not.

I'm not following... What's "combined"? The output of the encapsulation
is two blobs: One is the secret key, used for local setup of ciphers,
the other is the "ciphertext", to be sent to the other end and
decapsulated using the private key. I don't see why they would ever be
combined, or split up further?

>> Things I think are desirable to do before merging an initial version:
>> Agree on naming. Rename the single-lower-case-letter macros in the .c
>> file to macro-like names. Add valgrind-based tests of side-channel silence.
>
> Agreed, let's get those fixed.

Ah, and for consistency, the public/private key should be the first
argument to the encapsulation and decapsulation functions.

Regards,
/Niels

--
Niels Möller. PGP key CB4962D070D77D7FCB8BA36271D8F1FF368C6677.
Internet email is subject to wholesale government surveillance.