Skip to content

v3.0.13: Merge pull request #434 from dedis/schnorr_checks

Compare
Choose a tag to compare
@jeffallen jeffallen released this 17 Aug 12:29
· 347 commits to master since this release
e1b7eab

This release fixes the following issues:

  • Malleable signatures with weak keys: #311, #426, #431. Thank you to David Cerezo @calctopian for his assistance identifying the problem and proposing solutions.
  • Fix G2 negation (#424). Thanks to Ian Goldberg.
  • Improvements to documents and examples.

Users are strongly encouraged to upgrade to this version because of the risk of accepting modified signatures as authentic. We have not detected any examples of weak keys in production use on the public Cothority ByzCoin blockchain. You should check your own application's public keys carefully before upgrading to this version of Kyber, as some signatures previously accepted, but subject to malleability due to the small order of the public key, will now be rejected.