[cryptography] Point compression prior art?
paul at ciphergoth.org
Wed May 4 04:33:05 EDT 2011
On 03/05/11 19:59, Zooko O'Whielacronx wrote:
> Have you seen DJB's "Irrelevant patents on elliptic-curve cryptography"
Yep. DJB uses "discard y" point compression in Curve25519, which works
with ECDH for the reasons he gives but does not work in many other
applications, such as ECDSA.
> DJB also has this page, which goes into more detail about 6141420:
This discusses "discard y" and the Eurocrypt '92 paper describing point
compression in GF(2^m) I discussed in my earlier email. The implication
is that at least some of claims 30 to 41 are invalidated by that paper,
but I'm not sure I can infer from this a specific technique for GF(p)
point compression that the patent cannot cover.
\/ o\ Paul Crowley, paul at ciphergoth.org
More information about the cryptography