-
https://datatracker.ietf.org/doc/draft-dijkhuis-cfrg-hdkeys/
-
The draft here https://datatracker.ietf.org/doc/draft-irtf-cfrg-hash-to-curve/. Thanks!
-
Thanks for the Guidelines! Very useful!
I would like to add some clarification regarding the limits.
You wrote:
>XChaCha20-Poly1305 and non-IETF ChaCha20-Poly1305 have no practical limits (~2…
-
WebKit's implementation of Ed25519, when using macOS's CryptoKit, produces randomized signatures (presumably as per [draft-irtf-cfrg-det-sigs-with-noise](https://datatracker.ietf.org/doc/draft-irtf-cf…
twiss updated
3 weeks ago
-
Taylor R Campbell wrote:
Where does one find test vectors for the deterministic functions
defined here with the extra randomization parameters Z?
https://mailarchive.ietf.org/arch/msg/cfrg/jmfn1b…
-
There are several reasons one might desire an ed25519 flavor that employs system randomness, in addition to the usual derandomization. I've no idea any relevant standards exist, but the obvious metho…
-
>XSalsa20 has the same shape as Salsa20, except for the much longer nonce: it produces a
512-bit output block given a 256-bit key, a 192-bit nonce, and a **64-bit** block counter.
-- http://cr.yp.…
-
The documentation for AES-GCM-SIV references [a preprint](https://eprint.iacr.org/2017/168) and [a draft RFC](https://tools.ietf.org/html/draft-irtf-cfrg-gcmsiv-06). Since then, the spec has been form…
-
The current draft has `def BlindEvaluate` in https://www.ietf.org/archive/id/draft-irtf-cfrg-voprf-21.html#name-oprf-protocol, https://www.ietf.org/archive/id/draft-irtf-cfrg-voprf-21.html#name-voprf-…
-
This issue is to track the CFRG PAKE selection process going on in the IETF. When that process completes, if they pick a PAKE other than SPAKE2, we should consider swapping out SPAKE2 if there are no…