[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [GNUnet-developers] EdDSA signature process
|
From: |
Christian Grothoff |
|
Subject: |
Re: [GNUnet-developers] EdDSA signature process |
|
Date: |
Wed, 11 Jul 2018 23:30:22 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0 |
Filed as https://gnunet.org/bugs/view.php?id=5398
On 07/11/2018 02:58 PM, Bernd Fix wrote:
> The EdDSA signature implementation in GNUnet calls the 'gcry_pk_sign
> (&sig, msg, prv)' function not with the message itself, but with the
> SHA512 hash value of the message.
>
> Due to the intricities of EdDSA signing this is not necessary (hashing
> is done in the sign function itself, as more than just the message is
> hashed for this).
>
> Although the GNUnet approach is not breaking things technically, it
> produces unnecesary load: It is running an extra SHA512 - and because
> the signed message is usually rather small (from what I have seen until
> now the signed data is smaller than the 64 bytes of a SHA512 result),
> the sign functions even needs to hash more data than necessary.
>
> I guess that changing the sign/verify procedure would break
> compatibility between new and old nodes and is therefore not feasable. I
> just want to mention this in case a major version change is considered.
>
> Thanks for your attention, Bernd.
>
> _______________________________________________
> GNUnet-developers mailing list
> address@hidden
> https://lists.gnu.org/mailman/listinfo/gnunet-developers
>
signature.asc
Description: OpenPGP digital signature