Check the smp and auth generation of scalars #180

claucece · 2018-12-10T20:53:13Z

They should all be hashed and pruned.

claucece · 2018-12-18T17:54:00Z

Ok, this needs an email to be sent to Mike. Basically, my concern is:

  HashToScalar(0x05 || G3 * r5 || G * r5 + G2 * r6)

should that scalar be hashed as well? It does not come from randomness; but from fixed values.

olabini · 2018-12-19T10:16:56Z

I thought Ian in our call was pretty clear that you can't modify the scalar output of that - or did I misunderstand?

olabini · 2019-03-10T19:57:35Z

OK, so I was mistaken. @claucece said in offline conversations that this is different. It's blocked waiting on input from Mike.

claucece · 2019-03-11T01:45:27Z

Yeah @olabini . Also Gustavo is looking into this :)

olabini · 2019-03-11T13:38:28Z

Great!

claucece added API OTRv4 basics importance high An issue that is absolutely necessary to have done before final release labels Dec 10, 2018

claucece added a commit that referenced this issue Dec 14, 2018

Add documentation for auth and check the generation of scalars #180

7d66183

olabini assigned claucece Mar 10, 2019

claucece added the cryptographic-issues label Oct 20, 2019

claucece added this to the cryptographic-issues milestone Oct 20, 2019

claucece modified the milestones: cryptographic-issues, April Feb 6, 2020

Provide feedback