[Cryptography] More efficient and just as secure to sign message hash using Ed25519?
James Cloos
cloos at jhcloos.com
Thu Aug 6 13:43:25 EDT 2015
>>>>> "A" == Allen <allenpmd at gmail.com> writes:
A> P.S, I might add that for many applications it would be good to include:
A> Step 0. A pseudo-random nonce is generated and appended to the message.
The recent thread on cfrg suggests that the nonce needs to be prepended
rather than apended to avoid attacks.
-JimC
--
James Cloos <cloos at jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
More information about the cryptography
mailing list