[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [torspec/master] Clarify requiring output check in EXP() spec in NewHope proposal.

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [torspec/master] Clarify requiring output check in EXP() spec in NewHope proposal.
From: isis@xxxxxxxxxxxxxx
Date: Fri, 22 Jul 2016 12:05:35 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 22 Jul 2016 08:06:02 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-commits/>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: Isis Lovecruft <isis@xxxxxxxxxxxxxx>
Sender: "tor-commits" <tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx>

commit bcf8c60a8b77a175b6ce448fed6d651f2d486054
Author: Isis Lovecruft <isis@xxxxxxxxxxxxxx>
Date:   Sun May 8 15:56:30 2016 +0000

    Clarify requiring output check in EXP() spec in NewHope proposal.
    
     * THANKS TO Yawning Angel for suggesting the clarification.
---
 proposals/XXX-newhope-hybrid-handshake.txt | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/proposals/XXX-newhope-hybrid-handshake.txt b/proposals/XXX-newhope-hybrid-handshake.txt
index d11fbd2..607b533 100644
--- a/proposals/XXX-newhope-hybrid-handshake.txt
+++ b/proposals/XXX-newhope-hybrid-handshake.txt
@@ -73,9 +73,9 @@ Depends: prop#220 prop#249 prop#264
 
   Let `EXP(a, b) == X25519(., b, a)` with `g == 9`. Let X25519_KEYGEN() do
   the appropriate manipulations when generating the secret key (clearing the
-  low bits, twidding the high bits).
-
-  [XXX match RFC7748 notation more. --isis]
+  low bits, twidding the high bits).  Additionally, EXP() MUST include the
+  check for all-zero output due to the input point being of small
+  order (cf. RFC7748 Â§6).
 
   Let `X25519_KEYID(B) == B` where B is a valid X25519 public key.

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [bridgedb/develop] Update CI test matrix to test using Debian Stretch versions.
Next by Author: [tor-commits] [bridgedb/develop] Merge branch 'release/0.3.6'
Previous by thread: [tor-commits] [torspec/master] Updated definition of round(); fixed two typos.
Next by thread: [tor-commits] [torspec/master] Fix a typo in the ascii diagram in the RebelAlliance proposal.
Index(es):
- Author
- Thread