<p dir="ltr">On 1 Mar 2016 7:11 am, "Tony Arcieri" <<a href="mailto:bascule@gmail.com">bascule@gmail.com</a>> wrote:<br>
><br>
> On Monday, February 29, 2016, Ben Harris <<a href="mailto:mail@bharr.is">mail@bharr.is</a>> wrote:<br>
>><br>
>> What if I were to take the scalar and raise it to [the field prime minus 2] mod the prime?<br>
><br>
> If the answer to that question is the original point, then I guess the scheme is worthless... </p>
<p dir="ltr">The multiplicitive inverse of the original scalar.</p>
<p dir="ltr">But your scheme could just be Alice publishing a random R and also the hash/HMAC of each contact using R as key.</p>
<p dir="ltr">Though it looks to only protect an attacker from determining if two people share contacts if the majority of public keys are secret/unpublished. An attacker with a directory of contacts can unblind everything.<br>
</p>