The Guillou-Quisquater (GQ) signature scheme seems to be popular in theory literature due to its efficiency compared to other signature algorithms. In the real world however, there does not seem to be much use of GQ... It's not is any of the common cryptographic libraries (OpenSSL, CryptLib, Cryptix) or in any standards or RFCs.
What literature? Not any I've read - OTOH, I probably don't read enough.
My first question is if anyone knows if this is because there's some aspect of GQ that, when you actually go out and use it, makes it not as great as the theoretical discussion would make you think, or if its just a matter of "what we have now works well enough," and no one has pushed for getting GQ widely used. I'm guessing its the later given DSAs marginal foothold is only due to being legislated as a standard more or less.
The other questions that would be relevant are:
a) How much more efficient is it?
b) Is it encumbered in any way (e.g. patents)?
Searching the mailing list archives I couldn't find any previous discussion of GQ in OpenSSL. Part of OpenSSL's mission is to provide "a full-strength general purpose cryptography library". Would GQ fall into this category if it were to be implemented as another EVP signature algorithm, or is the focus more on just providing already standardized algorithms than every un-patented crypto algorithm out there? The project I'm working on right now (forward-secure signatures) could really use a fast base signature, so I'm looking into implementing GQ for it. If people think this would be a useful thing to add into OpenSSL I can look into doing the implementation there instead of in my F-S Sig library.
Sounds interesting. Where can I find out more about GQ? What exactly do you mean by "forward-secure signatures"?
Cheers,
Ben.
-- http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
