[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cryptography] regarding the NSA crypto "breakthrough"



----- Forwarded message from Tony Arcieri <[email protected]> -----

Date: Fri, 6 Sep 2013 13:21:21 -0700
From: Tony Arcieri <[email protected]>
To: [email protected]
Cc: Randombit List <[email protected]>
Subject: Re: [cryptography] regarding the NSA crypto "breakthrough"

On Fri, Sep 6, 2013 at 11:47 AM, James A. Donald <[email protected]> wrote:

> Time to generate and select new elliptic curves by an open process,
> wherein any large random quantities are chosen by a non secret process,
> such as searching for the appropriate value nearest a round number.
>

There are curves not selected by e.g. NIST with a published rationale for
their selection, like Curve25519. Is there any reason why such curves can't
be evaluated retroactively?

http://cr.yp.to/ecdh/curve25519-20060209.pdf

See in particular Theorem 2.1.

-- 
Tony Arcieri

_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography


----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org";>leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5