[cryptography] regarding the NSA crypto "breakthrough"
bascule at gmail.com
Fri Sep 6 16:21:21 EDT 2013
On Fri, Sep 6, 2013 at 11:47 AM, James A. Donald <jamesd at echeque.com> wrote:
> Time to generate and select new elliptic curves by an open process,
> wherein any large random quantities are chosen by a non secret process,
> such as searching for the appropriate value nearest a round number.
There are curves not selected by e.g. NIST with a published rationale for
their selection, like Curve25519. Is there any reason why such curves can't
be evaluated retroactively?
See in particular Theorem 2.1.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography