[curves] Curves for pairings

Nicolai nicolai-curves at chocolatine.org
Tue Oct 4 09:40:36 PDT 2016

On Thu, Sep 29, 2016 at 12:16:40PM -0700, Ray Dillinger wrote:
> Post-Quantum security recommendations for symmetric ciphers (the keys to
> which are the material that are most of what public-key algorithms are
> used to encrypt) recommend 256-bit keys and recommend NOT using AES-256
> in particular.

Hi Ray,

Do you have a citation for this claim?  I have a counter-citation:

Section 2, "Symmetric Encryption" recommends AES-256 and Salsa20 with
a 256-bit key:


Though it's not an ECC issue, and maybe I misunderstood what you wrote.


More information about the Curves mailing list