Hi Bernd,
I don't quite see that the attack applies, as our nonces are
high-entropy *and* never attacker-controlled.
So my (brief) reading of the paper doesn't suggest that this kills
GNS-ECDSA.
My 2 cents
Christian
On 3/7/23 11:29, Bernd Fix wrote:
Hi,
reading a recent paper (https://eprint.iacr.org/2023/305) I wonder if
this has any impact on GNUnet - especially GNS, which uses ECDSA
signatures for PKEY-signed payloads. Do we need to phase out PKEYs and
replace them with EDKEYs in the future?
Cheers, Bernd.
