Timeline for Can a CRQC crack ECC without a public key?
Current License: CC BY-SA 4.0
6 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| 20 mins ago | comment | added | samuel-lucas6 | @Caliph You should always include public keys in key derivation because it helps avoid attacks in general. This answer isn't about the KDF though; it's the fact you can't compute the shared secret because the recipient is unknown. Here is the spec for age. It's worth saying that age now supports hybrid ML-KEM-768. | |
| 50 mins ago | history | edited | kelalaka | CC BY-SA 4.0 |
little grammer to make it clear.
|
| 9 hours ago | comment | added | Paŭlo Ebermann | @Caliph usually the assumption is that the public key is, well, public. If you have a shared secret with the receiver, you can use symmetric cryptography. | |
| yesterday | vote | accept | Caliph | ||
| yesterday | comment | added | Caliph | So assuming that an additional KDF operation is cheap, it would be good practice to mix in the public key and not worry about it? Why isn't it standard? | |
| yesterday | history | answered | poncho♦ | CC BY-SA 4.0 |