I hope that u won't create a "solution" that leaks private key bits. I'm against the changes until I see a formal proof, so u better talk to Jean-Luc.
Well, I understand math behind the change. (Please, spend 5 min, to read original BloodyRookie's post).
The ONLY difference to original sign is that (x-h) is represented correctly.
(and it WON'T leak keys, attacker would STILL need to solve DLP problem in that group:
or in other words, if
s is priv key, what is the difference between
a*s and
a'*s)
I'm going to run NRS with patched Curve from now on.
edit: some more explanation here:
https://nextcoin.org/index.php/topic,3915.0.htmlWell since you understand this math and stuff, how about you make us MPK like functionality and we will reward you handsomely for it.
NAME THE PRICE, If it was reasonable I will PAY, I will use escrow as well, I will also rally for more funds for this.
Basically I need you to implement BIP0032 for NXT, or at least tell us if and why it is not possible to do so.
A link to show you what I am trying to accomplish here:
https://github.com/genjix/bips/blob/master/bip-0032.md, It was implemented in Electrum bitcoin thin client. For me it will suffice if you make the appropriate working address generation in Java.
This is an open request and prize.
- Lophie