coinbase / kryptology

Apache License 2.0

[suggestion] Deprecate the GG20 Library #68

Open brendanjryan opened 2 years ago

brendanjryan commented 2 years ago

Based on the following comment from [0] and the "obsolescence" of the GG20 paper I think it would make sense to "deprecate" the tecdsa/gg20 package so that any new implementations or those which already rely on this code are aware of the risks of this protocol.

This should be possible via the following godoc declaration: https://rakyll.org/deprecated/

On the other hand, the authors of that paper appear to have declared it "obsolete". In light of this declaration, we cannot attest, given the information we currently have, that the protocol implemented here is secure. We advise caution regarding its use.

[0] https://github.com/coinbase/kryptology/blob/master/pkg/tecdsa/gg20/SECURITY.md
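As an added illustration of the godoc deprecation convention proposed above (example code, not kryptology's own source): a constructed `gg20` package comment carrying a `Deprecated:` paragraph, plus a small `go/ast` scanner that a downstream project could run over vendored code to find which packages and functions carry such a notice. The sample source, the notice wording and the function names are assumptions for the example.

```go
package main

import (
	"fmt"
	"go/ast"
	"go/parser"
	"go/token"
	"strings"
)

// Constructed sample (not kryptology's real file): how the gg20 package doc
// could look once a godoc "Deprecated:" paragraph is added.
const sampleSource = `// Package gg20 implements the GG20 threshold ECDSA protocol.
//
// Deprecated: the authors of the GG20 paper have declared the protocol obsolete and its security cannot be attested.
package gg20

// Sign runs the signing protocol.
//
// Deprecated: see the package-level notice.
func Sign() {}
`

// deprecationNotice returns the text of a doc comment's "Deprecated:" paragraph
// (the godoc convention: a paragraph beginning with that word), or "" if none.
func deprecationNotice(doc *ast.CommentGroup) string {
	if doc == nil {
		return ""
	}
	for _, para := range strings.Split(doc.Text(), "\n\n") {
		if strings.HasPrefix(para, "Deprecated:") {
			return strings.TrimSpace(strings.TrimPrefix(para, "Deprecated:"))
		}
	}
	return ""
}

// findDeprecated parses one Go source file and maps each deprecated package
// or top-level function ("package <name>" or "<Func>") to its notice text.
func findDeprecated(src string) (map[string]string, error) {
	f, err := parser.ParseFile(token.NewFileSet(), "gg20.go", src, parser.ParseComments)
	if err != nil {
		return nil, err
	}
	out := map[string]string{}
	if n := deprecationNotice(f.Doc); n != "" {
		out["package "+f.Name.Name] = n
	}
	for _, d := range f.Decls {
		if fn, ok := d.(*ast.FuncDecl); ok {
			if n := deprecationNotice(fn.Doc); n != "" {
				out[fn.Name.Name] = n
			}
		}
	}
	return out, nil
}

func main() {
	found, err := findDeprecated(sampleSource)
	if err != nil {
		panic(err)
	}
	for name, notice := range found {
		fmt.Printf("%s is deprecated: %s\n", name, notice)
	}
}
```

Once the notice is in place, `staticcheck` (check SA1019) flags every use of the deprecated identifiers in dependent code, which is how projects already importing the package would be alerted.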

vanillahedg commented 2 years ago

@brendanjryan Good day Brendan Ryan

Can you help with a few questions about this issue?

1) Can you advise new implementations that fix this error?
2) Can they be used in production?

brendanjryan commented 2 years ago

Sure -- thanks for flagging @vanillahedg

  1. I cannot, per [0] these changes would need to occur at the algorithm design level and are not related to implementation.
  2. ^

On the other hand, the authors of that paper appear to have declared it "obsolete". In light of this declaration, we cannot attest, given the information we currently have, that the protocol implemented here is secure. We advise caution regarding its use.

vanillahedg commented 2 years ago

Thank you very much for your answer.