BIP 340 improvements
No reviews. Collections: BIPs — Merged
Specification
This makes a number of changes to BIP 340:
- The tie-breaker for public keys with implicit Y coordinate is changed from square to even. This improves signing speed, and makes integration with existing key generation easier. This also has implications for BIP 341.
- The nonce generation function is improved to take certain failure scenarios into account (precomputed public key, fault injection attacks, power analysis).
- Recommendations around the use of signing-time randomness and verification are strengthened, as these reduce vulnerabilities against the above attacks significantly.
- The tags are updated to make sure accidental use of earlier draft code breaks consistently.
- Various contributed improvements.
This is rebased on top of #892 to avoid conflicts.
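
As an added illustration (not code from this pull request or from the BIP), the sketch below contrasts the two tie-breakers for the implicit Y coordinate on secp256k1. The function names are hypothetical, and the arithmetic is plain Python for teaching purposes, not constant-time.

```python
# Added example: even-Y vs. square-Y tie-breaker for x-only public keys.
# secp256k1 field prime, group order and generator (public curve constants).
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def point_add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1] % P, P - 2, P) % P
    else:
        lam = (b[1] - a[1]) * pow((b[0] - a[0]) % P, P - 2, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def point_mul(k, pt=G):
    """Double-and-add scalar multiplication (not constant-time)."""
    acc = None
    while k:
        if k & 1:
            acc = point_add(acc, pt)
        pt = point_add(pt, pt)
        k >>= 1
    return acc

def has_even_y(pt):
    # A single bit test; the same parity that selects the 0x02 prefix
    # in the existing 33-byte compressed public key encoding.
    return pt[1] & 1 == 0

def has_square_y(pt):
    # Euler's criterion: costs a full modular exponentiation.
    return pow(pt[1], (P - 1) // 2, P) == 1

def xonly_keypair(d, tie_breaker=has_even_y):
    """Return (d', 32-byte x) where d'*G satisfies the chosen tie-breaker."""
    if not 1 <= d < N:
        raise ValueError("secret key out of range")
    pt = point_mul(d)
    if not tie_breaker(pt):
        d = N - d  # negating the key flips Y and leaves X unchanged
    return d, pt[0].to_bytes(32, "big")
```

Because the field prime is odd and congruent to 3 mod 4, exactly one of Y and P - Y passes either test, so both rules pick a unique point for a given X; they only differ in cost and in how well they line up with existing key encodings.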