[Cryptech Tech] why not deterministic ecdsa?

Rob Austein sra at hactrn.net
Sun Sep 6 20:28:53 UTC 2015

Previous message (by thread): [Cryptech Tech] why not deterministic ecdsa?
Next message (by thread): [Cryptech Tech] why not deterministic ecdsa?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

At Sun, 06 Sep 2015 22:17:25 +0200, Simon Josefsson wrote:
> 
> Am I reading this right that your ECDSA code generated a fresh k
> from your TRNG?

Yes.  Given that we think the TRNG is fairly solid, this is not
particularly expensive.

> You want to read and consider RFC 6979.

Read it a while back.  Haven't seen anything suggesting serious
uptake, but will defer to the usual suspects if they have advice.

Previous message (by thread): [Cryptech Tech] why not deterministic ecdsa?
Next message (by thread): [Cryptech Tech] why not deterministic ecdsa?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Tech mailing list