Use `Public/SecretKey` for the `elliptic-curve` implementation
daxpedda opened this issue · 1 comments
Currently we are using ProjectivePoint and Scalar directly instead of PublicKey and SecretKey respectively.
The reason was that curve25519_dalek::Scalar supports Zeroize but not ZeroizeOnDrop.
But elliptic_curve::SecretKey supports ZeroizeOnDrop but not Zeroize.
(this was one of the main reasons I worked on introducing ZeroizeOnDrop in the first place)
The best solution here would be to introduce a SecretKey for Ristretto255, which currently doesn't exist, we could introduce this type ourselves in opaque-ke though.
Not sure what to do about elliptic_curve::PublicKey, as it implements neither. Is not zeroing out the public key acceptable?
This is analogous to facebook/voprf#57 and is mainly for code improvement and cleaner deserialization, it doesn't actually change anything.
Hmm, I see. Yes, not zeroing out the public key should be fine in this case.