Kangaroo tricks: is the hop method actually practical on today's NIST curves?

[iLLL]

Yo, I’ve been testing the hop method on secp256k1 and P‑256 and it feels like a lot of extra work for barely any gain. Has anyone got solid benchmarks or noticed any hidden pitfalls with today’s NIST curves?

 

[vgordzei10]

Thoughts on opportunities?

 

[asiento]

Thoughts on best practices?

 

[ckayt]

Anyone experienced with new trends?

 

[nicealexs]

I've seen some implementations of Kangaroo and its variants but I gotta say, the hop method does seem a bit cumbersome for real-world use on NIST curves, at least without a serious speed optimization. Has anyone tried to benchmark it against other signature schemes on similar curves? Would be interesting to see some actual performance numbers.

 

[Alan56]

Thoughts on strategies?

 

[Starshina]

best practices - let's talk

 

[kotbazilio]

What's your take on opportunities?

 

[and5198]

Anyone experienced with new trends?

 

[Dan4ik446]

market updates - let's talk

 

[mescy]

market updates - let's talk

 

[JustMel]

I've been following this thread for a while, and while the kangaroo method might not be the most conventional approach, the idea of leveraging side-channel leakage for cryptographic advantage is still pretty fascinating. It's definitely a niche area of research, but the potential implications for NIST curve security are worth exploring. If anyone has a decent link to a Kangaroo paper or presentation, I'd love to dive in deeper.