[curves] Mutual-auth Ace (was Re: MQV)

Conrado P. L. Gouvêa conradoplg at gmail.com
Sat May 17 10:22:37 PDT 2014

2014-05-16 3:52 GMT-03:00 Robert Ransom <rransom.8774 at gmail.com>:
> And if an attacker compromises a party's ephemeral keys in signed DH,
> the attacker can not only decrypt the session, but also learn that
> party's long-term signing key.

Sorry if this is a stupid question, but how does this happen? Or do
you just mean that if an attacker has access to the ephemeral key then
they probably also have access to the signing key?


More information about the Curves mailing list