I know I've bothered you before about this, but can you explain [1] for the layman? It seems to be saying that non-rigid curves may have secret attacks. Then provides a table where, for some reason, just the NIST curves are listed as "manipulatable".
It seems, from reading [2], that the NIST curves went out of their way to claim "verifiably random" generation....using unexplained seeds. The page says it's conceivable that the NIST curves have weaknesses that "were introduced deliberately by NSA."
I don't understand the math so it's likely I'm totally misunderstanding. But reading those pages, they seem to hint that the NIST curves might have some intentional flaws, and that it's suspicious that they generated curves that are susceptible to known problems.
It seems, from reading [2], that the NIST curves went out of their way to claim "verifiably random" generation....using unexplained seeds. The page says it's conceivable that the NIST curves have weaknesses that "were introduced deliberately by NSA."
I don't understand the math so it's likely I'm totally misunderstanding. But reading those pages, they seem to hint that the NIST curves might have some intentional flaws, and that it's suspicious that they generated curves that are susceptible to known problems.
1: http://safecurves.cr.yp.to/rigid.html 2: http://safecurves.cr.yp.to/bada55.html