[noise] Curve25519 key bitmask?

Jonathan Rudenberg jonathan at titanous.com
Sun Jul 13 10:39:04 PDT 2014

Previous message: [noise] Aligning with Chrome and IETF's ChaCha20/Poly1305
Next message: [noise] Curve25519 key bitmask?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The Curve25519 documentation[0] says that we should do these bitwise ops while computing the secret key:

     mysecret[0] &= 248;
     mysecret[31] &= 127;
     mysecret[31] |= 64;

It’s not immediately apparent what the reason for this is and if it has any negative/positive impact. Would someone explain it to me?

Thanks,

Jonathan

[0] http://cr.yp.to/ecdh.html

Previous message: [noise] Aligning with Chrome and IETF's ChaCha20/Poly1305
Next message: [noise] Curve25519 key bitmask?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Noise mailing list