25519 is 255-bit?

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Apr 16 16:30:44 CEST 2014

On 04/16/2014 08:16 AM, Werner Koch wrote:
> On Wed, 16 Apr 2014 06:22, gniibe at fsij.org said:
>> I don't know if we should "fix" this or not, but I think that
>> it's 255-bit.
> There was some problem with using 255 bit.  I can't remember right not.
> Possible in an application using Libgcrypt.  Thus I rounded it up to 256
> bit.

rounding up seems like a risky business if this information is ever used
as a security estimation.  I understand that it's not a large
difference, but it seems like the bug ought to be fixed in the
application using libgcrypt (presumably it needs to do the byte-wise
rounding up itself for buffer allocation or something) rather than
having libgcrypt report incorrect information.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1010 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140416/55ced491/attachment-0001.sig>

More information about the Gcrypt-devel mailing list