Use deterministic signatures for ECDSA keys. #299

Merged
merged 3 commits into from Apr 14, 2014

3 participants

@alex
Contributor
alex commented Apr 1, 2014

This is now considered the preferred approach across the board for ECDSA. This
is because with the traditional, random "k" parameter for ECDSA, any entropy
problems at all, even a single bit, about "k", result in a complete compromise
(see https://en.wikipedia.org/wiki/ECDSA#Security). The deterministic algorithm
doesn't have this downside.

@alex alex Use deterministic signatures for ECDSA keys.
This is now considered the preferred approach across the board for ECDSA. This
is because with the traditional, random "k" parameter for ECDSA, any entropy
problems at all, even a single bit, about "k", result in a complete compromise
(see https://en.wikipedia.org/wiki/ECDSA#Security). The deterministic algorithm
doesn't have this downside.
fded67e
@alex
Contributor
alex commented Apr 14, 2014

CC'ing @warner to back me up on this :-)

alex added some commits Apr 14, 2014
@bitprophet bitprophet merged commit 91ab5f0 into paramiko:master Apr 14, 2014
@bitprophet bitprophet added a commit that referenced this pull request Apr 14, 2014
@bitprophet bitprophet Changelog, closes #299 e96e265
@alex alex deleted the alex:ecdsa-deterministic branch Apr 14, 2014
@warner
warner commented Apr 14, 2014

Yeah, deterministic k is great.
