-
If a server implements ECH decryption via an RPC call, it's possible for the client's ECH keys to be valid for CH1 but invalid for CH2, perhaps due to a race condition that updates the server's keys a…
-
From the OPRF draft:
https://tools.ietf.org/html/draft-irtf-cfrg-voprf-04#section-2.1
It is convenient in cryptographic applications to instantiate such
prime-order groups using elliptic cu…
-
The most awesome thing of bcrypt is that you can set the cost of it depending on how much power the server has. Wouldn't it be awesome if there would be a setting for specifying the cost of bcrypt (a…
-
From https://mailarchive.ietf.org/arch/msg/cfrg/ZcTCJkilzCDshxsIj7MwKHNlNuM/
Section 5.1:
"mode" should also be listed as a key schedule input.
-
https://libsodium.gitbook.io/doc/secret-key_cryptography
"Secret-key cryptography refers to cryptographic system that uses the same key to encrypt and decrypt data."
https://libsodium.gitbook.io…
-
From https://mailarchive.ietf.org/arch/msg/cfrg/ZcTCJkilzCDshxsIj7MwKHNlNuM/
Should "formally verified" be "proven secure under standard cryptographic assumptions"? Or is the intent indeed to enab…
-
From https://mailarchive.ietf.org/arch/msg/cfrg/ZcTCJkilzCDshxsIj7MwKHNlNuM/
[ANSI]: Add "X9.63" to title.
[BNT19] and other references as needed: Add authors' names.
[MAEA10]: Use "author…
-
From https://mailarchive.ietf.org/arch/msg/cfrg/ZcTCJkilzCDshxsIj7MwKHNlNuM/
Section 3: Definition of encode_big_endian: Add "unsigned" before "integer" if this is the intent (so that the set of …
-
From https://mailarchive.ietf.org/arch/msg/cfrg/ZcTCJkilzCDshxsIj7MwKHNlNuM/
Appendix: "pkR", "pkS" values are given. These are presumably the same as the marshalled versions "pkRm", "pkSm", this…
-
From https://mailarchive.ietf.org/arch/msg/cfrg/ZcTCJkilzCDshxsIj7MwKHNlNuM/
Section 8.1: "A full proof of post-quantum security .". Although we understand that a full proof of post-quantum secur…