[Cryptech Tech] Private Key Size in Hash-based Signatures

[Rob Austein]

On Sat, 23 Sep 2017 20:53:42 +0200, Rob Austein wrote:
> That's a very bad sign in a Python program.  I wonder if they used the
> claims-to-be-best-in-the-world-but-in-reality-awful-swig-crap M2Crypto
> library instead of one of the half-dozen decent ones?

Nope, they're using PyCrypto, which (in my experience, anyway) has
generally been pretty solid.  Not sure why they bothered going outside
the Python standard libraries, for what they're doing hashlib.sha256
and random.SystemRandom would probably work just fine.

URLs for both implementations, since either they have not been posted
here or I forgot where that message went:

https://github.com/davidmcgrew/hash-sigs/
https://github.com/cisco/hash-sigs