2023-03-08 19:40:38
Go
PUBLISHED
Multiplication of certain unreduced P-256 scalars produce incorrect results. There are no protocols known at this time that can be attacked due to this.