[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GNUNET_CRYPTO_ecdh_ecdsa fails with anonymous key

From: Schanzenbach, Martin
Subject: Re: GNUNET_CRYPTO_ecdh_ecdsa fails with anonymous key
Date: Tue, 9 Mar 2021 18:27:13 +0100


I found the error.


> On 2. Mar 2021, at 20:17, Schanzenbach, Martin <> 
> wrote:
> Hi,
> I can confirm this is happening.
> My first gut feeling also was that this should work.
> The anonymous identity (=private key) is simply "1".
> The public key for the generator G is 1*G = G and also constant.
> Given that ECDH simply multiplies the scalar values, there is not really
> an obvious reason to me why this should not work except for a math thing or
> implementation quirk in libsodium.
> BR
> Martin
>> On 1. Mar 2021, at 17:57, TheJackiMonster <> wrote:
>> Hi,
>> I was actually integrating private messages into the messenger API when
>> I encountered that decrypting messages failed awfully. I thought
>> something in my code was wrong, then I double checked the crypto
>> functions:
>> GNUNET_CRYPTO_ecdh_ecdsa(...) and GNUNET_CRYPTO_ecdsa_ecdh(...)
>> But their test-case in util checked successfully. So I tested with the
>> ECDSA key from GNUNET_CRYPTO_ecdsa_key_get_anonymous() which gets used
>> by the anonymous ego in the identity service.
>> So the result was, that GNUNET_CRYPTO_ecdh_ecdsa and
>> GNUNET_CRYPTO_ecdsa_ecdh returned different hashes when using the
>> anonymous key. These functions are using for encrypting and decrypting
>> messages (generating a shared key).
>> From my point of view it would be fine to just letting the
>> GNUNET_IDENTITY_encrypt() and GNUNET_IDENTITY_decrypt() functions fail
>> when the anonymous key gets used (it doesn't make sense for private
>> messages anyway) but I was wondering why verification still seems to
>> work with this key.
>> Also I wanted to ask if this behavior was expected. Maybe this could be
>> addressed in some doxygen comments.
>> Happy hacking
>> Jacki

Attachment: signature.asc
Description: Message signed with OpenPGP

reply via email to

[Prev in Thread] Current Thread [Next in Thread]