[tahoe-dev] Uniformity of 'semi-private' keys [correction]

Zooko Wilcox-O'Hearn zooko at zooko.com
Wed May 20 02:42:26 UTC 2009


On May 19, 2009, at 20:14 PM, David-Sarah Hopwood wrote:

> Correction: for ECDSA there are two options -- q is prime, or q =  
> 2^m. I would recommend using only the former with this semi-private  
> key idea (there may or may not be an attack against the latter, but  
> it is more difficult to analyse).

Thank you very much for the explanation about the distribution of  
semi-private keys in elliptic curves.

We plan to use only the ones in a GF(p) field because those ones tend  
to be faster in software [1].  We're probably going to be using the  
ANSI X9.62 secp256r1: [2].

> PS. can I have a login on the allmydata Trac?


I would love your contributions on the trac.  There should be a link  
with anchor text "register" in the upper-right-hand side, which you  
can use to create your own login.  Let me know if you need help.

Regards,

Zooko

[1] http://cryptopp.com/benchmarks.html
[2] http://allmydata.org/trac/pycryptopp/browser/cryptopp/ 
eccrypto.cpp#L265
---
Tahoe, the Least-Authority Filesystem -- http://allmydata.org
store your data: $10/month -- http://allmydata.com/?tracking=zsig
I am available for work -- http://zooko.com/résumé.html




More information about the tahoe-dev mailing list