Joachim Strömbergson joachim@secworks.se writes:
I'm at least seeing several projects where the ability to have a single keypair is highly desirable.
You're making me curious, can you give some example? For private keys, it should be easy to derive as many as one needs from a single secret using something like hash(secret | counter).
But for the corresponding public keys, there's no obvious way to link them together, so maybe a single key is more beneficial in that end? As a simpler alternative than having a main key and a signed certificate for each additional public key used for different purposes.
With the exception of the new XEdDS, Argon2 and possibly OCB mode, I would say that the suggested additions I listed are not for obscure research algorithms, but algorithms that see concrete usage.
Sorry, I didn't mean to discourage you. I imagine you have a much better overview of what's used in practice than I have.
But hey, it's just suggestions. I intended to provide code, but only if there is an interest for it.
Your contributions, past and future, are much appreciated. The attempt at separating research from mainstream wasn't intended to be a high bar, but it makes it easier for me if a proposed algorithm addition is accompanied by one or two examples of applications or protocols using it (like you surely did, for some of your suggestions). And from the set of non-obscure algorithms, which it makes sense to support in Nettle, I'd try to prioritize those most widely used.
Regards, /Niels
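The derivation sketched above, hash(secret | counter), as an added example that is not part of the original message or of Nettle. SHA-256, the 4-byte big-endian counter and Ed25519 as the signature scheme are assumptions chosen for illustration. It derives several private seeds from one secret and computes their public keys, which carry nothing that ties them to each other without the secret.

```python
import hashlib

# Illustration only: affine arithmetic, not constant-time, not for production keys.
P = 2**255 - 19                               # Ed25519 field prime
D = -121665 * pow(121666, -1, P) % P          # curve constant d

def _recover_x(y):
    """Even x coordinate for a given y on the curve (RFC 8032, 5.1.3)."""
    x2 = (y * y - 1) * pow(D * y * y + 1, -1, P) % P
    x = pow(x2, (P + 3) // 8, P)
    if (x * x - x2) % P:
        x = x * pow(2, (P - 1) // 4, P) % P   # multiply by sqrt(-1)
    return P - x if x & 1 else x

GY = 4 * pow(5, -1, P) % P
G = (_recover_x(GY), GY)                      # base point

def _add(a, b):
    """Complete twisted Edwards addition (a = -1) in affine coordinates."""
    (x1, y1), (x2, y2) = a, b
    t = D * x1 * x2 * y1 * y2 % P
    return ((x1 * y2 + x2 * y1) * pow(1 + t, -1, P) % P,
            (y1 * y2 + x1 * x2) * pow(1 - t, -1, P) % P)

def public_key(seed):
    """Ed25519 public key for a 32-byte seed (RFC 8032, 5.1.5)."""
    s = int.from_bytes(hashlib.sha512(seed).digest()[:32], "little")
    s = (s & ((1 << 254) - 8)) | (1 << 254)   # clamp the scalar
    acc, pt = (0, 1), G                       # (0, 1) is the neutral element
    while s:
        if s & 1:
            acc = _add(acc, pt)
        pt = _add(pt, pt)
        s >>= 1
    x, y = acc
    return (y | ((x & 1) << 255)).to_bytes(32, "little")

def derive_seed(secret, counter):
    """hash(secret | counter) with a fixed-width counter encoding (assumed)."""
    return hashlib.sha256(secret + counter.to_bytes(4, "big")).digest()

if __name__ == "__main__":
    master = bytes(range(32))                 # constructed sample secret
    for i in range(3):
        print(i, public_key(derive_seed(master, i)).hex())
```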