From 7e305519171ad382ff13c231764982a1341fcb76 Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Fri, 9 Jan 2015 22:11:36 +0100 Subject: ec25519-fhmqvc: don't check group order of peers' public keys Skipping this check will significantly speed up startup with many peers. As we now do embedded group order verification, an attacker can't gain anything from small-subgroup attacks, so skipping the check isn't a security issue.
---
 src/protocols/ec25519_fhmqvc/handshake.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/protocols/ec25519_fhmqvc/handshake.c')
diff --git a/src/protocols/ec25519_fhmqvc/handshake.c b/src/protocols/ec25519_fhmqvc/handshake.c
index b1c6242..2daa709 100644
--- a/src/protocols/ec25519_fhmqvc/handshake.c
+++ b/src/protocols/ec25519_fhmqvc/handshake.c
@@ -554,7 +554,7 @@ static fastd_peer_t * add_dynamic(fastd_socket_t *sock, const fastd_peer_address
 memcpy(&peer_key.key, key, PUBLICKEYBYTES);
 if (!ecc_25519_load_packed(&peer_key.unpacked, &peer_key.key.int256)
- || !fastd_protocol_ec25519_fhmqvc_check_key(&peer_key.unpacked)) {
+ || ecc_25519_is_identity(&peer_key.unpacked)) {
 pr_debug("ignoring handshake from %I (invalid key)", addr);
 return NULL;
 }
--
cgit v1.2.3
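Review bot: The new condition in add_dynamic rejects only the identity point, so a key carrying any other low-order component now passes this gate. Its safety rests entirely on the embedded group order verification that the commit message mentions and this hunk does not show. The key on this path appears to come from a handshake packet rather than from configuration, so I would record that dependency next to the check, e.g. `/* group order is not checked here; the embedded verification in the handshake computation must reject small-subgroup keys */`. A regression test that feeds a non-identity low-order key through a handshake and expects it to be refused would stop a later refactoring from dropping one check without restoring the other. add_dynamic's body starts and ends outside the hunk.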