On Wed, Oct 16, 2013 at 11:31 AM, Pieter Hintjens <[email protected]> wrote: > I tried to explain the use cases in my article. The goal is to send my > public key to you without leaking the fact.
That doesn't explain under what circumstance someone going to authenticate a public key without immediately using it for Curve25519 D-H if it's valid. For authentication purposes, there's two things that make sense, IMO: 1) The entire public key 2) A large (e.g. 256-bit) digest of the public key which provides preimage resistance... but why would you use this over a public key? -- Tony Arcieri _______________________________________________ zeromq-dev mailing list [email protected] http://lists.zeromq.org/mailman/listinfo/zeromq-dev
