Brainpool removed from crypto-refresh PQC spec
Werner Koch
wk at gnupg.org
Tue May 28 15:30:42 CEST 2024
On Tue, 28 May 2024 10:16, Andrew Gallagher said:
> I don’t think the number of lines of text is a meaningful test of
> “simplicity". Our metric should be technical clarity and
That depends. The original draft was good to explain things but hard
for an implementer to see what to do. For example the protocol
differences between X448 and X25519 are really small and thus this
should be folded into one description. In particular using a
definition
XFunc = X25519() for curve X25519 or X448() for curve X448.
SHAFunc = See table above.
folds the two descriptions into one. Less text, less code, less error.
FWIW, the second defintion could also be
SHAFunc = SHA3-256 for curve X25519 or SHA2-512 for curve X448.
but the "table above" is also used for the ECC-KEM-Weierstrass with more
curves.
Salam-Shalom,
Werner
--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 247 bytes
Desc: not available
URL: <https://librepgp.org/pipermail/librepgp-discuss/attachments/20240528/e63a0a73/attachment.sig>
More information about the LibrePGP-discuss
mailing list