|
|
|
|
|
|
by neokantian
2587 days ago
|
|
|
The edcurve.js project( https://www.npmjs.com/package/ed2curve ) was apparently doing something similar already, but the author disclaimed: "Note that there's currently no proof that this is safe to do." while referring to a 2013 stackexchange discussion on the subject: https://crypto.stackexchange.com/questions/3260/using-same-k.... It may be necessary to formally prove that combined use does not introduce new vulnerabilities. The phrase "What remains open for future work is checking for cross-protocol attacks", is quite ominous in this respect. For example, combined use could gradually leak private bits to the attacker. Therefore, the status of this combined use strategy is still the same as ever before: doubtful. |
|
|