GitLab

UniformDH is used by obfs3 and scramblesuit currently, and it might get used by more projects in the future. Yawning suggested to improve its spec to make its adoption easier.

Yawning suggested adding test vectors. We can look at test vectors of other key exchange protocols to see how they should look like. Example: https://tools.ietf.org/html/rfc6932#appendix-A.1

Some more suggestions:

14:54 < Yawning> *looks at the list of gotchas*
14:54 < Yawning> spec should clarify that 0s are inserted if the public key is shorter than 1536 bits (probably obvious)
14:55 < Yawning> Should clarify that abs(p - X) is sent (99% sure that's what happens)
14:55 < Yawning> spec says to simply raise the public key, when it's another mod exp operation
14:56 < Yawning> apart from "wtb test vectors" those where the things i found
15:00 < Yawning> I also was sort of sad that MAX_PADDING isn't a power of 2, but probably too late to change that and that might have been deliberate