Updating key validation refs.

armfazh · armfazh · commit 0ba9a9382e8b · 2019-06-21T11:54:34.000-07:00
The key validation can mitigate some attacks as such as the ones reported by [1] and [2]. [1] Genking-Valenta-Yarom (https://dx.doi.org/10.1145/3133956.3134029) [2] Cremers&Jackson (https://eprint.iacr.org/2019/526) Relates: #49
diff --git a/dh/x25519/doc.go b/dh/x25519/doc.go
@@ -1,15 +1,20 @@
-// Package x25519 provides Diffie-Hellman functions as specified in RFC-7748.
-//
-// References:
-//  - RFC7748 https://rfc-editor.org/rfc/rfc7748.txt
-//  - Curve25519 https://cr.yp.to/ecdh.html
-//
-// Validation of public keys.
-//
-// The Diffie-Hellman function, as described in RFC-7748, works for any public
-// key. However, if a different protocol requires contributory behaviour, then
-// the public keys must be validated against low-order points. To do that, the
-// Shared function performs this validation internally and returns false when
-// the public key is invalid (i.e., it is a low-order point).
-// See https://cr.yp.to/ecdh.html#validate.
+/*
+Package x25519 provides Diffie-Hellman functions as specified in RFC-7748.
+
+Validation of public keys.
+
+The Diffie-Hellman function, as described in RFC-7748 [1], works for any
+public key. However, if a different protocol requires contributory
+behaviour [2,3], then the public keys must be validated against low-order
+points [3,4]. To do that, the Shared function performs this validation
+internally and returns false when the public key is invalid (i.e., it
+is a low-order point).
+
+References:
+ - [1] RFC7748 by Langley, Hamburg, Turner (https://rfc-editor.org/rfc/rfc7748.txt)
+ - [2] Curve25519 by Bernstein (https://cr.yp.to/ecdh.html)
+ - [3] Bernstein (https://cr.yp.to/ecdh.html#validate)
+ - [4] Cremers&Jackson (https://eprint.iacr.org/2019/526)
+
+*/
 package x25519
diff --git a/dh/x448/doc.go b/dh/x448/doc.go
@@ -1,15 +1,20 @@
-// Package x448 provides Diffie-Hellman functions as specified in RFC-7748.
-//
-// References:
-//  - Curve448 and Goldilocks https://eprint.iacr.org/2015/625
-//  - RFC7748 https://rfc-editor.org/rfc/rfc7748.txt
-//
-// Validation of public keys.
-//
-// The Diffie-Hellman function, as described in RFC-7748, works for any public
-// key. However, if a different protocol requires contributory behaviour, then
-// the public keys must be validated against low-order points. To do that, the
-// Shared function performs this validation internally and returns false when
-// the public key is invalid (i.e., it is a low-order point).
-// See https://cr.yp.to/ecdh.html#validate.
+/*
+Package x448 provides Diffie-Hellman functions as specified in RFC-7748.
+
+Validation of public keys.
+
+The Diffie-Hellman function, as described in RFC-7748 [1], works for any
+public key. However, if a different protocol requires contributory
+behaviour [2,3], then the public keys must be validated against low-order
+points [3,4]. To do that, the Shared function performs this validation
+internally and returns false when the public key is invalid (i.e., it
+is a low-order point).
+
+References:
+ - [1] RFC7748 by Langley, Hamburg, Turner (https://rfc-editor.org/rfc/rfc7748.txt)
+ - [2] Curve25519 by Bernstein (https://cr.yp.to/ecdh.html)
+ - [3] Bernstein (https://cr.yp.to/ecdh.html#validate)
+ - [4] Cremers&Jackson (https://eprint.iacr.org/2019/526)
+
+*/
 package x448
