IETF Logo Mail Archive

Re: [Cfrg] Elliptic Curves - signature scheme: friendliness to low memory implementations (ends on June 3rd)

Ilari Liusvaara <ilari.liusvaara@elisanet.fi> Tue, 02 June 2015 11:43 UTC

Return-Path: <ilari.liusvaara@elisanet.fi>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1DBE91ACDC5 for <cfrg@ietfa.amsl.com>; Tue, 2 Jun 2015 04:43:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jGRu9jFZ2Esm for <cfrg@ietfa.amsl.com>; Tue, 2 Jun 2015 04:43:23 -0700 (PDT)
Received: from emh07.mail.saunalahti.fi (emh07.mail.saunalahti.fi [62.142.5.117]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0050A1ACD8A for <cfrg@irtf.org>; Tue, 2 Jun 2015 04:43:22 -0700 (PDT)
Received: from LK-Perkele-VII (a91-155-194-207.elisa-laajakaista.fi [91.155.194.207]) by emh07.mail.saunalahti.fi (Postfix) with ESMTP id D09A04043; Tue, 2 Jun 2015 14:43:19 +0300 (EEST)
Date: Tue, 02 Jun 2015 14:43:19 +0300
From: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
To: Andrey Jivsov <crypto@brainhub.org>
Message-ID: <20150602114319.GA15386@LK-Perkele-VII>
References: <C49BFA4F-76B9-48A1-913B-144D606FBBDD@isode.com> <5564CBEC.8070109@brainhub.org> <87siafxiyw.fsf@latte.josefsson.org> <556D4112.7040208@brainhub.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
In-Reply-To: <556D4112.7040208@brainhub.org>
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/OEKvI3DpO1j4-8pU9ycx6oMfjfg>
Cc: cfrg@irtf.org
Subject: Re: [Cfrg] Elliptic Curves - signature scheme: friendliness to low memory implementations (ends on June 3rd)
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Jun 2015 11:43:25 -0000

On Mon, Jun 01, 2015 at 10:37:22PM -0700, Andrey Jivsov wrote:
> 
> On 5/29/2015 12:49 PM, Simon Josefsson wrote:
> >Andrey Jivsov <crypto@brainhub.org> writes:
> >
> >>Major OpenPGP implementations use streaming mode to sign (e.g. in 'cat
> >>InFile | gpg --clearsign'), just as with encryption, without writing
> >>sensitive data to a temporary file. They depend on IUF. I haven't seen
> >>this with SMIME/CMS -- this is harder, but possible.
> >It is no problem to support streaming of inputs and at the same time
> >support for example EdDSA which does not follow the IUF paradigm.  Don't
> >confuse Unix stdin/stdout streaming with streaming of input to a digital
> >signature algorithm.
> 
> To fix this new demand of low-level crypto there needs to be an engineering
> fix at a higher level. In the case of OpenPGP applications this means the
> buffering of the entire input must happen, somehow.

All signature algorithms in OpenPGP sign message hash, not the message
itself. So streaming input works fine (assuming the hash function is
CR).


-Ilari

v2.23.0 | Report a Bug | By Email