7 Jul
2016
7 Jul
'16
3:06 p.m.
Hi, Some comments on the 3.3, plan:
- Add larger "safe" curves, e.g., M-383, curve41417, curve448 and
- E-521.
I think curve448 should be prioritized over anything else since it seems to be the only thing being standardized at the moment by CFRG: https://tools.ietf.org/html/rfc7748
For password hashing (pbkdf2), it may also worth considering to add support for argon2,which seems to be the only password hashing algorithm coming out of a competition: https://password-hashing.net/
Side-channel silent mem_equalp.
Do you mean a function with run time independent of its input values? I have such a function at gnutls: https://gitlab.com/gnutls/gnutls/blob/master/lib/safe-memfuncs.c#L70
regards, Nikos