[messaging] Issues in Schnorr DLEQ proofs
burdges at gnunet.org
Wed Jan 8 17:51:47 PST 2020
I'm also wrong about V(X)Ed25519 which actually does have one sentence that corrects the VRF output with a cofactor multiplication. :)
> On 8 Jan 2020, at 16:51, Jeff Burdges <burdges at gnunet.org> wrote:
> Appears Privacy Pass only uses prime order curves, but this only turns up in their code.
>> On 8 Jan 2020, at 14:40, Jeff Burdges <burdges at gnunet.org> wrote:
>> I have not yet checked if implementations of either V(X)Ed2551 or Privacy Pass correct the cofactor spec bugs. I have not yet either added all the references for the protocols being commented on or ported over all the reverences for the non-cofactor concerns from https://github.com/w3f/schnorrkel/blob/master/src/vrf.rs either.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: Message signed with OpenPGP
More information about the Messaging