--- Day changed Sat Sep 08 2018 01:15 < gmaxwell> I think elegator^2 has a malleability vulnerability. 01:16 < gmaxwell> An active attacker can quietly identify your el2 traffic by swapping the 32 byte strings, and seeing if you continue on like nothing happened. 03:36 < nsh> who's proposing elligator^2 for security? 03:36 < nsh> oh M Tibouchi - ‎2014 03:43 < nsh> i think maybe https://www.iacr.org/archive/eurocrypt2015/90560291/90560291.pdf shows that elligator[^2] schemes are not necessarily safe without salting, although it's in some context of backdoored PRNGs 04:20 -!- meshcollider_ [uid246294@gateway/web/irccloud.com/x-skbjnyglgikalast] has joined #secp256k1 07:40 -!- meshcollider_ [uid246294@gateway/web/irccloud.com/x-skbjnyglgikalast] has quit [Quit: Connection closed for inactivity] 14:13 -!- nickler [~nickler@185.12.46.130] has quit [Ping timeout: 260 seconds] 14:25 -!- nickler [~nickler@185.12.46.130] has joined #secp256k1 17:29 -!- echonaut [~echonaut@46.101.192.134] has quit [Remote host closed the connection] 17:29 -!- echonaut10 [~echonaut@46.101.192.134] has joined #secp256k1 19:53 -!- ken2812221_ [~ken281222@180.217.128.66] has joined #secp256k1 19:54 -!- ken2812221 [~ken281222@180.217.128.66] has quit [Ping timeout: 240 seconds]