[Cryptech Tech] why not deterministic ecdsa?
Leif Johansson
leifj at sunet.se
Sun Sep 6 20:53:00 UTC 2015
On 2015-09-06 22:28, Rob Austein wrote:
> At Sun, 06 Sep 2015 22:17:25 +0200, Simon Josefsson wrote:
>>
>> Am I reading this right that your ECDSA code generated a fresh k
>> from your TRNG?
>
> Yes. Given that we think the TRNG is fairly solid, this is not
> particularly expensive.
>
>> You want to read and consider RFC 6979.
>
> Read it a while back. Haven't seen anything suggesting serious
> uptake, but will defer to the usual suspects if they have advice.
I believe it is less critical if you trust your rng, right?