nisse@lysator.liu.se (Niels Möller) writes:
- Eddsa signatures with curve448. Needs SHAKE support first (Daiki posted patches for this long ago).
Done!
- Renaming of stuff using curve names consistently (recent patches by Dmitry). Preparation for new gost curves.
Done! And GOSTDSA with the two easiest GOST curves now on the ecc-cost branch.
- I'm considering changing the struct ecc_point representation to use Montgomery representation for the individual coordinates, for primes where we use that. Then ecc_a_to_* will (almost?) be redundant.
I still think ecc_a_to_* could be eliminated. They do redc conversions for curves that use that, and some copying of the unit field element.
While looking at this, I also noticed that it seems ecc->g is used only by tests. So this data could be removed from struct ecc_curve.
- Adding support for compact representation (patches from Wim Lewis). I have some of the preparations merged on a branch, but I think it will be simpler if (3) is done first.
I'm thinking that maybe it's reasonable to make a release soon, since we have a couple of new features, including ED448, GOSTDSA, SIV-CMAC. If we want to focus on getting a release out, I think both the compact representation change and additional GOST curves should be postponed until after the release. (The ecc_a_to_* cleanup above is also not that important from a release perspective, but I expect it to be fairly easy).
Regards, /Niels