[cryptography] Point compression prior art?
paul at ciphergoth.org
Sat May 21 04:47:41 EDT 2011
On 21/05/11 01:04, Sebastien Martini wrote:
>> From a practical point of view there is however something not really
> handy with Schnorr's signature scheme, that is you can't call the sign
> function with a hash of the message because the ephemeral public key
> must be concataned to the message before being hashed.
This isn't what you would do in practice; in practice one would hash the
message as normal, then hash that together with the ephemeral value to
generate the challenge value.
\/ o\ Paul Crowley, paul at ciphergoth.org
More information about the cryptography