[curves] PAKE questions
Mike Hamburg
mike at shiftleft.org
Mon Feb 9 00:02:57 PST 2015
On 2/7/2015 4:45 PM, Michael Hamburg wrote:
>> On Feb 7, 2015, at 4:30 PM, Brian Warner <warner at lothar.com> wrote:
>>
>> On 2/7/15 2:21 PM, Michael Hamburg wrote:
>>> *Shameless plug*:
>>> If you’d like, I can get Decaf up and running on TwistEd25519 in
>>> Python. Decaf divides the cofactor by 4, and also conveniently
>>> implements a hash to the curve.
>> That'd be fun :).
> OK, I’ll see what I can do.
>
Actually this will take a while. I'm pretty busy this week, but I was
going to just cut and paste the code with different constants. I forgot
something though: the twist of Curve25519 is a *twisted* Montgomery
curve, and over a 1-mod-4 field that's actually a different thing (I
think? Other EC folks please correct me if I'm wrong). The strategy
still works but a bunch of the formulas need adjustment.
Cheers,
-- Mike
More information about the Curves
mailing list