Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Double check ECQV #4

Open
burdges opened this issue Dec 24, 2018 · 1 comment

Comments

Projects
None yet
1 participant
@burdges
Copy link
Collaborator

commented Dec 24, 2018

We include an implicit certificate scheme similar to ECQV implicit certificates, as described in "Standards for efficient cryptography, SEC 4: Elliptic Curve Qu-Vanstone Implicit Certificate Scheme (ECQV)".

We also hash the issuer's public key when creating the challenge e, mostly because it sounds wise, but also since that helped with the MQV vs HMQV issues. Ristretto handles most point validation issues here, but anything like the identity, etc. needs checking.

I'll read through the security proof somewhat closer eventually. See:

Daniel R. L. Brown, Robert P. Gallant, Scott A. Vanstone. "Provably Secure Implicit Certificate Schemes". Financial Cryptography 2001. Lecture Notes in Computer Science. Springer Berlin Heidelberg. 2339 (1): 156–165. doi:10.1007/3-540-46088-8_15.

@burdges burdges changed the title MQV vs HMQV ECQV Dec 24, 2018

@burdges burdges changed the title ECQV Double check ECQV Dec 24, 2018

@burdges

This comment has been minimized.

Copy link
Collaborator Author

commented Dec 24, 2018

Also we need more tests if we're actually going to use these anywhere.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.