-
In the draft OPAQUE proposal, to prevent account enumeration attacks during authentication the server is supposed to respond with a fake CredentialResponse (see [here](https://cfrg.github.io/draft-irt…
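The enumeration concern above turns on one detail: a fake CredentialResponse only hides account existence if it is stable across repeated queries for the same unknown username. The following is an added illustration (not code from the OPAQUE draft or any implementation of it) that contrasts a naive server, which fabricates fresh random bytes on every request, with one that derives the fake record deterministically from a long-lived server seed. The class names, the `b"fake-record|"` label, and the 32-byte record size are assumptions chosen for the example; the draft's real record layout and masking are not modelled.

```python
import hashlib
import hmac
import secrets


class NaiveServer:
    """Unknown user -> fresh random bytes each time (assumed naive design).

    Two queries for the same unknown username return different values,
    so a client can tell registered users from unknown ones by asking twice.
    """

    def __init__(self):
        self.records = {}

    def register(self, username: str, record: bytes) -> None:
        self.records[username] = record

    def credential_response(self, username: str) -> bytes:
        rec = self.records.get(username)
        return rec if rec is not None else secrets.token_bytes(32)


class ConsistentServer:
    """Unknown user -> fake record derived from HMAC(seed, username).

    The seed is a constructed long-lived secret; the fake record for a given
    username is therefore identical on every query, and has the same length
    as a real (here: 32-byte, assumed) record.
    """

    def __init__(self):
        self.seed = secrets.token_bytes(32)  # assumption: kept as secret as the account DB
        self.records = {}

    def register(self, username: str, record: bytes) -> None:
        if len(record) != 32:
            raise ValueError("example assumes fixed 32-byte records")
        self.records[username] = record

    def fake_record(self, username: str) -> bytes:
        # Domain-separated so the seed can be reused for other derivations.
        return hmac.new(self.seed, b"fake-record|" + username.encode(),
                        hashlib.sha256).digest()

    def credential_response(self, username: str) -> bytes:
        rec = self.records.get(username)
        return rec if rec is not None else self.fake_record(username)


def probe_looks_registered(server, username: str) -> bool:
    """Attacker's oracle: query twice and compare.

    Returns True when the two responses match, i.e. the account either exists
    or the server is hiding its absence correctly; False when the instability
    of the reply gives the unknown user away.
    """
    return server.credential_response(username) == server.credential_response(username)


if __name__ == "__main__":
    naive, good = NaiveServer(), ConsistentServer()
    for s in (naive, good):
        s.register("alice", bytes(32))  # constructed placeholder record
    print("naive  :", probe_looks_registered(naive, "alice"), probe_looks_registered(naive, "mallory"))
    print("stable :", probe_looks_registered(good, "alice"), probe_looks_registered(good, "mallory"))
```

The second probe against `NaiveServer` returns False (random bytes differ between calls), while against `ConsistentServer` both probes return True, so the oracle learns nothing. Response length and timing also have to match for real and fake records, which the deterministic derivation alone does not guarantee.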
-
## Problems
There are 2 problems with current BLS RFC v4’s AggregateVerify and FastAggregateVerify in proof-of-possession schemes (see https://github.com/cryptosubtlety/zero/blob/main/0.pdf). Aggreg…
-
Currently, the spec only supports AES-based key wrapping algorithms. IMO, we should have support for `XC20PKW` especially for people who use `XC20P` for content encryption to minimize crypto-libs.
…
awoie updated 3 years ago
-
# 💎 Issue
### Background
BLST defines two functions for aggregating public keys: [`AggregatePublicKeys`](https://github.com/prysmaticlabs/prysm/blob/develop/shared/bls/blst/public_key.go#L56) and [`Agg…
-
> The SvcParamKey to enable Encrypted ClientHello (ECH) is "echconfig".
The ECH draft says this is a list of "ECHConfig" structs: "ECHConfigs".
> The client-facing server advertises a sequence o…
-
It would be nice to be able to provide a custom hash routine to support other algorithms, such as "BLS12381G1_XMD:BLAKE2B_SSWU_RO_" for BBS+. OpenSSL includes support for "blake2b512".
Also looks …
-
Hybrid public key encryption is a well-known cryptographic construction that allows a sender to encrypt arbitrarily-sized messages under a receiver’s public key. ECIES, for example, is one variant of …
-
tl;dr: let's define a function that maps a `RistrettoPoint` back to the `EdwardsPoint` structure, ensuring that the `EdwardsPoint` is part of the prime order subgroup.
I know that the title is aga…
-
FIPS IG A.5
States that after 2^64 records on a TLS connection using a GCM cipher suite, renegotiation shall happen automatically.
The implementation of the nonce_explicit management logic i…
-
Of course I can be biased here, but it seems to me that a reference to RFC 8645 can be very convenient in the draft, since it considers several ways to increase the bounds in some cases - such as host…