[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [GNUnet-developers] EcDSA signature scheme

From: Bernd Fix
Subject: Re: [GNUnet-developers] EcDSA signature scheme
Date: Fri, 13 Jul 2018 20:37:11 +0000
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0

On 07/13/2018 04:50 PM, Christian Grothoff wrote:
> On 07/13/2018 06:39 PM, Bernd Fix wrote:
>> This constraint of course make things trickier, because that means we
>> are stuck in using Ed25519 for ECDHE. A possible solution (again: not
>> for GNUnet itself, but for implementators in general) for using Ed25519
>> points with ECDHE is to use the bijective mapping between Ed25519 and
>> Curve25519 and to do the ECDHE on Curve25519. Not nice probably, but
>> that could work.
> Well, there is another possibility: simply have *two* versions of
> ECDHE/X25519: one for Taler where we mix it with EdDSA, and another one
> for GNUnet core/cadet KX where we do not rely on this property.

And maybe even a third one: I stumbled across an approach to use
Curve25519 keypairs for both ECDH and Ed25519 signatures

Would that be feasible also for Taler? Since Taler (afaik) relies on
some GNUnet mechanisms, it seems preferable not to introduce YACS (Yet
Another Crypto Scheme)...

reply via email to

[Prev in Thread] Current Thread [Next in Thread]