On Wed, Oct 25, 2017 at 8:39 PM, Andy Isaacson wrote:
> I'd like to understand this attack better (the description above is
> pretty surprising to me), is there a canonical treatment or a phrase I
> should look up in the literature?
I don't know if there is a standard term

On Mon, Mar 6, 2017 at 7:36 PM, Tony Arcieri wrote:
> Ed25519 performs the following operations on private scalars immediately
> prior to use:
I assume the bytes of the scalar here are written least significant
first; otherwise I can't make sense of your message.
> scalar[0]

On Wed, Mar 23, 2016 at 12:16 PM, Brian Smith wrote:
> Hi,
>
> [I am not sure if boring topics like ECDSA are appropriate for this list. I
> hope this is interesting enough.]
It's no less useful for Schnorr (just even more obvious there), and in
that case it permits a

On Tue, Apr 7, 2015 at 6:55 PM, Brian Warner war...@lothar.com wrote:
Of course it's very much not constant-time, and a lot slower than a C
implementation. But a pure-python library is, in practice, much easier
to depend upon than one that requires a C compiler.
I applaud you for seeking