Feasible yes, desirable no: we're not _otherwise_ badly breaking compatibility, so IMO we should put this in Mantis and flag it for the release when we change the core KX and thus break compatibility badly anyway.
On 07/11/2018 03:38 PM, Devan Carpenter wrote: > Thanks for the discovery and analysis of this, Bernd. > > I wonder if this would be feasible to try to make into the 0.11.0 release..? > > Bernd Fix transcribed 1.1K bytes: >> The EdDSA signature implementation in GNUnet calls the 'gcry_pk_sign >> (&sig, msg, prv)' function not with the message itself, but with the >> SHA512 hash value of the message. >> >> Due to the intricities of EdDSA signing this is not necessary (hashing >> is done in the sign function itself, as more than just the message is >> hashed for this). >> >> Although the GNUnet approach is not breaking things technically, it >> produces unnecesary load: It is running an extra SHA512 - and because >> the signed message is usually rather small (from what I have seen until >> now the signed data is smaller than the 64 bytes of a SHA512 result), >> the sign functions even needs to hash more data than necessary. >> >> I guess that changing the sign/verify procedure would break >> compatibility between new and old nodes and is therefore not feasable. I >> just want to mention this in case a major version change is considered. >> >> Thanks for your attention, Bernd. >> >> _______________________________________________ >> GNUnet-developers mailing list >> GNUnet-developers@gnu.org >> https://lists.gnu.org/mailman/listinfo/gnunet-developers >> >> >> _______________________________________________ >> GNUnet-developers mailing list >> GNUnet-developers@gnu.org >> https://lists.gnu.org/mailman/listinfo/gnunet-developers
0xE29FC3CC.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
_______________________________________________ GNUnet-developers mailing list GNUnet-developers@gnu.org https://lists.gnu.org/mailman/listinfo/gnunet-developers
