[curves] Costs of cofactor > 1
Robert Ransom
rransom.8774 at gmail.com
Wed Dec 24 11:03:39 PST 2014
On 12/24/14, Michael Hamburg <mike at shiftleft.org> wrote:
> You asked specifically about batch verification. I’m not aware of deployed
> systems that need or use batch verification. The EVITA vehicle-to-vehicle
> specs do require an extremely high rate of verification, but since they use
> ECDSA, no batching is possible. It might or might not be desirable in that
> setting, because there are constraints on latency as well as throughput, but
> having an option would be nice.
Vehicle-to-vehicle communications is also an excellent example of a
non-anonymity-related application in which
implementation-distinguishing attacks can be quite serious. (Imagine
a car accepting the signature on a message which tells it to slow
down, and the large truck behind it rejecting that same signature.)
Robert Ransom
More information about the Curves
mailing list