curve_to_hidden: Note it is intended for ephemeral only

author Fabio Scotoni <34964387+fscoto@users.noreply.github.com>

Tue, 24 Mar 2020 13:57:40 +0000 (14:57 +0100)

committer Fabio Scotoni <34964387+fscoto@users.noreply.github.com>

Tue, 24 Mar 2020 13:57:40 +0000 (14:57 +0100)
author Fabio Scotoni <34964387+fscoto@users.noreply.github.com>
Tue, 24 Mar 2020 13:57:40 +0000 (14:57 +0100)
committer Fabio Scotoni <34964387+fscoto@users.noreply.github.com>
Tue, 24 Mar 2020 13:57:40 +0000 (14:57 +0100)
diff --git a/doc/man/man3/crypto_curve_to_hidden.3monocypher b/doc/man/man3/crypto_curve_to_hidden.3monocypher

index b1abe7e94f2db81ac08f7184a6cc325a7173118a..662e6e5976394ab37f1765a715b5e209981b8663 100644 (file)
--- a/doc/man/man3/crypto_curve_to_hidden.3monocypher
+++ b/doc/man/man3/crypto_curve_to_hidden.3monocypher
@@ -82,6 +82,8 @@ This is of interest for key exchange protocols that require
  indistinguishability from randomness, such as padded uniform random
  blobs (PURBs) and exponential blinding in oblivious pseudo-random
  functions (OPRFs).
+They are intended for ephemeral (short-lived, possibly just one-time)
+X25519 keys, not for long-term public keys.
  This is an
  .Em advanced feature
  \(en unless you are implementing an protocol that requires
author	Fabio Scotoni <34964387+fscoto@users.noreply.github.com>
	Tue, 24 Mar 2020 13:57:40 +0000 (14:57 +0100)
committer	Fabio Scotoni <34964387+fscoto@users.noreply.github.com>
	Tue, 24 Mar 2020 13:57:40 +0000 (14:57 +0100)