-
Hey there, we're using this great library to implement an authenticated handshake between nodes that run on user machines. Users are also able to sign objects with their node key and it's important to…
-
Hello "jesdict1",
I would like to draw your attention to the latest version of the ID regarding CPace.
https://datatracker.ietf.org/doc/draft-irtf-cfrg-cpace/
There are a couple of minor chan…
-
Consider the design of Themis: https://docs.cossacklabs.com/themis/crypto-theory/cryptosystems/secure-message/
And consider the NaCl and libsodium API, the [box](https://doc.libsodium.org/public-ke…
-
The ultimate goal is to provide 100% coverage of the libsodium API in Flutter. Not there yet, tracking progress of the entire libsodium API (725 symbols) in this issue.
Send PR or drop a note if yo…
-
`opaque-ke 2.0.0` explicitly pins an older version of `voprf` that violates the new lifetime rules (https://github.com/rust-lang/rust/pull/117967).
`voprf` fixed this issue in version `0.5.0`: https…
-
>Simply concatenating variable-length, possibly attacker controlled values as the
>I-D suggests is dangerous. For example, the (idA, idB) pairs ("ax", "b") and
>("a", "xb") would result equivalent…
-
Since the PAKE has ~128-bit security, it would be slightly cleaner to use SHA-256 for the HKDF construction rather than SHA-512, so that the strength of the hash function is balanced with the strength…
-
https://doc.libsodium.org/advanced/point-arithmetic/ristretto (since libsodium 1.0.18+)
-
Ciphersuite defines five `hash_to_F` functions.
- Secp256k1 and P-256 using an application of https://www.ietf.org/archive/id/draft-irtf-cfrg-hash-to-curve-16.html to their scalar fields.
- Ed2551…
-
Currently we are using `ProjectivePoint` and `Scalar` directly instead of `PublicKey` and `SecretKey` respectively.
The reason was that `curve25519_dalek::Scalar` supports `Zeroize` but not `Zeroiz…