Brian's Blog cryptography

## Uniformly Random Scalars

Many cryptographic protocols, like Diffie-Hellman and SPAKE2, require a
way to choose a uniformly random scalar from some prime-order range.
Why? What is the best way to do this?

## SPAKE2 "random" elements

SPAKE2 requires two special "arbitrary" constants M and N. What
properties do these constants really need? What attacks are possible if
these requirements are not met?
