On Thu, Jul 27, 2017 at 4:27 PM, Björn Haase <bjoern.m.ha...@web.de> wrote: > > "Making Password Authenticated Key Exchange Suitable For > Resource-Constrained Industrial Control Devices" > https://eprint.iacr.org/2017/562 > > We observe a speedup factor of roughly 1.9 in comparison to our X25519 > implementation on a Cortex M0+ microcontroller.
Hi Björn, Thanks, that's a good read. Couple Qs: * Did you give any thought to FourQ, which claims similar speedups with respect to 25519 but also a similar security level? [1] * For the PAKE, since you have Elligator, did you consider anything like the "SPAKE2-Elligator Edition" approach of [2] - basically, DH-EKE where the DH public values are masked by adding Elligator(password)? Trevor [1] https://eprint.iacr.org/2017/434.pdf [2] https://moderncrypto.org/mail-archive/curves/2015/000424.html https://www.di.ens.fr/~mabdalla/papers/AbPo05a-letter.pdf _______________________________________________ Curves mailing list Curves@moderncrypto.org https://moderncrypto.org/mailman/listinfo/curves