Re: [IPsec] [saag] trapdoor'ed DH (and RFC-5114 again)

2016-10-19 Thread Peter Gutmann
Nikos Mavrogiannopoulos writes:
> I am not sure that the recommendations of this paper should be blindly
> trusted. There are some inaccurate facts about a library I work on [0], but a
> part of the abstract is also concerning: "We examine over 20 open-source
> cryptographic libraries and application

Re: [IPsec] [saag] trapdoor'ed DH (and RFC-5114 again)

2016-10-19 Thread John Mattsson
I have not read the paper in detail, but I agree with the high level conclusions. If it were not for quantum computers, I think IETF should move to curve25519 as quickly as possible. With quantum computers the picture is more complicated as ECC would anyway need to be replaced with PQC in the not t

Re: [IPsec] [saag] trapdoor'ed DH (and RFC-5114 again)

2016-10-19 Thread Nikos Mavrogiannopoulos
On Tue, Oct 18, 2016 at 8:46 PM, John Mattsson wrote:
> New paper “Measuring small subgroup attacks against Diffie-Hellman”
> https://eprint.iacr.org/2016/995.pdf
> “Cryptographic recommendations from standards committees are often too
> weak or vague”
> “However, the tangle of RFCs and standards