> But how do you know those arguments aren't cherry-picked ? We don't. We don't know they're good, all we know is they're relatively better than NIST curves, both based on publicly available research and on their developers having better rationale for their parameters than NIST as well as potentially less of an incentive to backdoor them.
If crypto primitive backdoors are real a problem, BADA55 curves with verifiably random parameters might be worth considering: http://safecurves.cr.yp.to/bada55.html _______________________________________________ OTR-dev mailing list OTR-dev@lists.cypherpunks.ca http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
