-
Currently verification incurs a significant scalar multiplication overhead due to the repeated need of validating public key.
https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-04#section-2.…
-
At the end of the `#protocol-messages` section is a description of the envelope structure as seen here:
```
OPAQUE uses an `Envelope` structure to encapsulate an encrypted `Credentials` structure.…
-
It looks like Argon2 is not supported.
I'm willing to add support for this in L…
-
Hi, I'm new to this project so I'm not sure whether you use this function but it looks like the current implementation of hash_to_curve for EdwardsPoint uses rejection sampling, which is sensitive to …
-
Thanks to @kwantam for the previous response in #27! While we are creating more edge cases test vectors, we want to get confirmation from the standard writers if the point at infinity signature (0xc0.…
-
## Eth2 Call 43 Agenda
[call 42](https://github.com/ethereum/eth2.0-pm/issues/162)
### Meeting Date/Time: Thursday 2020/7/9 at [14:00 GMT](https://savvytime.com/converter/gmt-to-germany-berlin-unite…
-
Cause I'm quite new to ECH, I'm little bit confused when reading this draft.
So I want to ask some questions...
Paragraph 7.1. Sending an encrypted ClientHello says...
> pkR = HPKE.KEM.Unmarshal(…
-
@nickray
Do we need a modular reduction operation as part of the derivation of the secret key?
-
From Section 6.1:
```
When sending ClientHello, the client first computes ClientHelloInner,
including any PSK binders, and then MAY substitute extensions which
it knows will be duplicat…
-
Hello,
Great Library !
Do you plan to migrate to hash to curve v9?
https://tools.ietf.org/html/draft-irtf-cfrg-hash-to-curve-09
thanks