[cryptography] regarding the NSA crypto "breakthrough"
Eugen Leitl
eugen at leitl.org
Fri Sep 6 13:25:32 PDT 2013
----- Forwarded message from Tony Arcieri <bascule at gmail.com> -----
Date: Fri, 6 Sep 2013 13:21:21 -0700
From: Tony Arcieri <bascule at gmail.com>
To: jamesd at echeque.com
Cc: Randombit List <cryptography at randombit.net>
Subject: Re: [cryptography] regarding the NSA crypto "breakthrough"
On Fri, Sep 6, 2013 at 11:47 AM, James A. Donald <jamesd at echeque.com> wrote:
> Time to generate and select new elliptic curves by an open process,
> wherein any large random quantities are chosen by a non secret process,
> such as searching for the appropriate value nearest a round number.
>
There are curves not selected by e.g. NIST with a published rationale for
their selection, like Curve25519. Is there any reason why such curves can't
be evaluated retroactively?
http://cr.yp.to/ecdh/curve25519-20060209.pdf
See in particular Theorem 2.1.
--
Tony Arcieri
_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
More information about the cypherpunks
mailing list