2018-11-13 17:31 CET

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0005398GNUnetutil librarypublic2018-07-11 23:30
Assigned To 
Platformi7OSDebian GNU/LinuxOS Versionsqueeze
Product VersionSVN HEAD 
Target VersionFixed in Version 
Summary0005398: redundant hash in EdDSA signature process
DescriptionThe EdDSA signature implementation in GNUnet calls the 'gcry_pk_sign
(&sig, msg, prv)' function not with the message itself, but with the
SHA512 hash value of the message.

Due to the intricities of EdDSA signing this is not necessary (hashing
is done in the sign function itself, as more than just the message is
hashed for this).

Although the GNUnet approach is not breaking things technically, it
produces unnecesary load: It is running an extra SHA512 - and because
the signed message is usually rather small (from what I have seen until
now the signed data is smaller than the 64 bytes of a SHA512 result),
the sign functions even needs to hash more data than necessary.

I guess that changing the sign/verify procedure would break
compatibility between new and old nodes and is therefore not feasable. I
just want to mention this in case a major version change is considered.

Thanks for your attention, Bernd.
Additional InformationShould be fixed when we next break compatibility "big time".
TagsNo tags attached.
Attached Files

-Relationships Relation Graph ] Dependency Graph ]

There are no notes attached to this issue.

-Issue History
Date Modified Username Field Change
2018-07-11 23:29 Christian Grothoff New Issue
2018-07-11 23:30 Christian Grothoff Reporter Christian Grothoff => bfix
2018-07-11 23:30 Christian Grothoff Status new => confirmed
+Issue History