[curves] Curve19119: A legacy-level little brother of Curve25519
Trevor Perrin
trevp at trevp.net
Thu Jul 27 15:32:02 PDT 2017
On Thu, Jul 27, 2017 at 4:27 PM, Björn Haase <bjoern.m.haase at web.de> wrote:
>
> "Making Password Authenticated Key Exchange Suitable For
> Resource-Constrained Industrial Control Devices"
> https://eprint.iacr.org/2017/562
>
> We observe a speedup factor of roughly 1.9 in comparison to our X25519
> implementation on a Cortex M0+ microcontroller.

Hi Björn,

Thanks, that's a good read. Couple Qs:

 * Did you give any thought to FourQ, which claims similar speedups
   with respect to 25519 but also a similar security level? [1]

 * For the PAKE, since you have Elligator, did you consider anything
   like the "SPAKE2-Elligator Edition" approach of [2] - basically,
   DH-EKE where the DH public values are masked by adding
   Elligator(password)?

Trevor

[1] https://eprint.iacr.org/2017/434.pdf
[2]
https://moderncrypto.org/mail-archive/curves/2015/000424.html
https://www.di.ens.fr/~mabdalla/papers/AbPo05a-letter.pdf
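
The masked-DH idea in the second question above (DH-EKE with each public value offset by Elligator(password)), as an added sketch on Curve25519 that is not part of the original message or of the posts in [2]. The names mask, keygen and session_key, the SHA-512/SHA-256 choices, the transcript format and the use of one mask for both sides are assumptions of this sketch.

```python
import hashlib, secrets

P, A = 2**255 - 19, 486662   # Curve25519: v^2 = u^3 + A*u^2 + u over GF(P)
L = 2**252 + 27742317777372353535851937790883648493   # prime subgroup order
def rhs(u): return (u**3 + A*u*u + u) % P

def sqrt(a):
    """Square root mod P (P = 5 mod 8); None if a is a non-residue."""
    r = pow(a, (P + 3) // 8, P)
    if r*r % P != a: r = r * pow(2, (P - 1) // 4, P) % P
    return r if r*r % P == a else None

def add(p, q):
    """Affine point addition; None is the point at infinity. Not constant-time."""
    if p is None or q is None: return p or q
    (u1, v1), (u2, v2) = p, q
    if u1 == u2 and (v1 + v2) % P == 0: return None
    if u1 == u2: lam = (3*u1*u1 + 2*A*u1 + 1) * pow(2*v1, -1, P) % P
    else: lam = (v2 - v1) * pow((u2 - u1) % P, -1, P) % P
    u3 = (lam*lam - A - u1 - u2) % P
    return u3, (lam*(u1 - u3) - v1) % P

def mul(k, p):
    acc = None
    while k:
        if k & 1: acc = add(acc, p)
        p, k = add(p, p), k >> 1
    return acc
G = (9, sqrt(rhs(9)))   # standard base point u = 9 (either sign of v works here)

def mask(password):
    """Elligator 2 map of H(password): a point whose discrete log nobody knows."""
    r = int.from_bytes(hashlib.sha512(password).digest(), "little") % P
    u = -A * pow(1 + 2*r*r, -1, P) % P          # 2 is a non-square mod P
    if sqrt(rhs(u)) is None: u = (-A - u) % P   # then the second candidate is on the curve
    return mul(8, (u, sqrt(rhs(u))))            # clear the cofactor

def keygen(password):
    """Ephemeral scalar and the DH public value masked as x*G + M."""
    x = secrets.randbelow(L - 1) + 1
    return x, add(mul(x, G), mask(password))

def session_key(x, received, password, transcript):
    """Check the peer's point, strip the mask, finish DH and hash the result."""
    if received is None or received[1]**2 % P != rhs(received[0]):
        raise ValueError("peer value is not on the curve")
    m = mask(password)
    k = mul(x, add(received, (m[0], -m[1] % P)))
    if k is None: raise ValueError("degenerate shared point")
    return hashlib.sha256(repr((transcript, k)).encode()).hexdigest()
```

Affine arithmetic on Python integers is not constant-time, and the sketch does nothing about small-order components in a received point; it shows the algebra of the exchange only.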