On this page8. Security Considerations8. Security Considerations Contents 8.1 Side-Channel Leaks 8.2 Randomness Considerations 8.3 Use of Contexts 8.4 Signature Malleability 8.5 Choice of Signature Primitive 8.6 Mixing Different Prehashes 8.7 Signing Large Amounts of Data at Once 8.8 Multiplication by Cofactor in Verification 8.9 Use of SHAKE256 as a Hash Function