Re: [PATCH 0/6] Add support for ECDSA algorithm
Hi, Sandy, On 08/22/2017 08:22 PM, Sandy Harris wrote: On Tue, Aug 22, 2017 at 12:14 PM, Tudor Ambaruswrote: Hi, Herbert, On 02/02/2017 03:57 PM, Herbert Xu wrote: Yes but RSA had an in-kernel user in the form of module signature verification. We don't add algorithms to the kernel without actual users. So this patch-set needs to come with an actual in-kernel user of ECDSA. ECDSA can be used by the kernel module signing facility too. Is there any interest in using ECDSA by the kernel module signing facility? I'd say keep it simple wherever possible; adding an algorithm should need "is required by" not just "can be used by". Even then, there is room for questions. In particular, whether such a fragile algorithm should be trusted at all, let alone for signatures on infrastructure modules that the whole OS will trust. https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm#Security ECDSA is a better alternative to RSA for digital signatures assuming that you don't have implementation bugs. ECDSA requires a much smaller key length in order to provide the same security strength as RSA (see [1]): security strength | RSA key length (bits) | ECDSA key lengths (bits) 112 2048224-255 128 3072256-383 When comparing to RSA, ECDSA promises better computational efficiency, signature size and bandwith (see [2]). Cheers, ta [1] NIST.SP.800-57pt1r4, section 5.6.1, table 2 [2] rfc4754, rfc6979
Re: Re: [PATCH 0/6] Add support for ECDSA algorithm
On Tue, Aug 22, 2017 at 12:14 PM, Tudor Ambaruswrote: > Hi, Herbert, > > On 02/02/2017 03:57 PM, Herbert Xu wrote: >> >> Yes but RSA had an in-kernel user in the form of module signature >> verification. We don't add algorithms to the kernel without >> actual users. So this patch-set needs to come with an actual >> in-kernel user of ECDSA. > > > ECDSA can be used by the kernel module signing facility too. Is there > any interest in using ECDSA by the kernel module signing facility? I'd say keep it simple wherever possible; adding an algorithm should need "is required by" not just "can be used by". Even then, there is room for questions. In particular, whether such a fragile algorithm should be trusted at all, let alone for signatures on infrastructure modules that the whole OS will trust. https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm#Security
Re: Re: [PATCH 0/6] Add support for ECDSA algorithm
Hi, Herbert, On 02/02/2017 03:57 PM, Herbert Xu wrote: Yes but RSA had an in-kernel user in the form of module signature verification. We don't add algorithms to the kernel without actual users. So this patch-set needs to come with an actual in-kernel user of ECDSA. ECDSA can be used by the kernel module signing facility too. Is there any interest in using ECDSA by the kernel module signing facility? Thanks, ta
Re: [PATCH 0/6] Add support for ECDSA algorithm
Am Donnerstag, 2. Februar 2017, 21:57:21 CET schrieb Herbert Xu: Hi Herbert, > On Thu, Jan 26, 2017 at 11:30:04AM +0530, Nitin Kumbhar wrote: > > This ECDSA implementation is analogous to the RSA kernel implementation > > for > > signature generation / verification. It extends ECC family of algorithms > > like ECDH to support signature verification using akcipher. This will be > > used in a way similar to RSA. > > Yes but RSA had an in-kernel user in the form of module signature > verification. We don't add algorithms to the kernel without > actual users. So this patch-set needs to come with an actual > in-kernel user of ECDSA. If I understood correctly, the crypto API should also provide device drivers for cryptographic accelerators to user space. This would be of special importance for asymmetric ciphers considering their resource intense operation. As for each HW implementation there should be a SW fallback, shouldn't ECDSA therefore be added? Please note that I am currently updating algif_akcipher to be en-par with algif_skcipher and algif_aead, including an AIO operation. Ciao Stephan
Re: [PATCH 0/6] Add support for ECDSA algorithm
Hello Herbert, On 2/2/2017 7:27 PM, Herbert Xu wrote: On Thu, Jan 26, 2017 at 11:30:04AM +0530, Nitin Kumbhar wrote: This ECDSA implementation is analogous to the RSA kernel implementation for signature generation / verification. It extends ECC family of algorithms like ECDH to support signature verification using akcipher. This will be used in a way similar to RSA. Yes but RSA had an in-kernel user in the form of module signature verification. We don't add algorithms to the kernel without actual users. So this patch-set needs to come with an actual in-kernel user of ECDSA. If this is about ECC in kernel then ECDSA extends ECDH which is from ECC and already part of kernel. If none of the above are sufficient for now then let these patches come along with a consumer or let kernel add ECDSA based on akcipher as part of a crypto engine. Nonetheless, how about rest of the vli and ECC patches? Thanks, Regards, - Nitin --- This email message is for the sole use of the intended recipient(s) and may contain confidential information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. ---
Re: [PATCH 0/6] Add support for ECDSA algorithm
On Thu, Jan 26, 2017 at 11:30:04AM +0530, Nitin Kumbhar wrote: > > This ECDSA implementation is analogous to the RSA kernel implementation for > signature generation / verification. It extends ECC family of algorithms > like ECDH to support signature verification using akcipher. This will be > used in a way similar to RSA. Yes but RSA had an in-kernel user in the form of module signature verification. We don't add algorithms to the kernel without actual users. So this patch-set needs to come with an actual in-kernel user of ECDSA. Thanks, -- Email: Herbert XuHome Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: [PATCH 0/6] Add support for ECDSA algorithm
Am Donnerstag, 26. Januar 2017, 11:30:04 CET schrieb Nitin Kumbhar: Hi Nitin, > > Who is going to use this in the kernel? > > This ECDSA implementation is analogous to the RSA kernel implementation > for signature generation / verification. It extends ECC family of > algorithms like ECDH to support signature verification using akcipher. > This will be used in a way similar to RSA. So, I guess that I should dust off algif_akcipher now. Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 0/6] Add support for ECDSA algorithm
Hello Herbert, On 1/23/2017 7:54 PM, Herbert Xu wrote: On Fri, Jan 20, 2017 at 05:05:55PM +0530, Nitin Kumbhar wrote: Hello, This patch series adds support for Elliptic Curve Digital Signature Algorithm (ECDSA). To reuse existing ECC functionality, which is added as part of ECDH, it separates out ECC and ECDH so that only ECC functionality is available for ECDSA even when ECDH is in a disabled state. Patch #1 restructures ECC and ECDH code such that ECC is not dependent on ECDH config. Patches #2 & #3 add vli and ecc functions which are required for other Elliptic curve algorithms like ECDSA and ECIES. Patch #4 adds support for ECDSA. This has been validated for P192 and P256 elliptic curves. Patches #5 and #6 add ECDSA tests to validate ECDSA functionality and measure ECDSA performance. Who is going to use this in the kernel? This ECDSA implementation is analogous to the RSA kernel implementation for signature generation / verification. It extends ECC family of algorithms like ECDH to support signature verification using akcipher. This will be used in a way similar to RSA. Thanks, Regards, - Nitin --- This email message is for the sole use of the intended recipient(s) and may contain confidential information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. --- -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 0/6] Add support for ECDSA algorithm
On Fri, Jan 20, 2017 at 05:05:55PM +0530, Nitin Kumbhar wrote: > Hello, > > This patch series adds support for Elliptic Curve Digital Signature > Algorithm (ECDSA). To reuse existing ECC functionality, which is > added as part of ECDH, it separates out ECC and ECDH so that > only ECC functionality is available for ECDSA even when ECDH is in > a disabled state. > > Patch #1 restructures ECC and ECDH code such that ECC is not > dependent on ECDH config. > > Patches #2 & #3 add vli and ecc functions which are required > for other Elliptic curve algorithms like ECDSA and ECIES. > > Patch #4 adds support for ECDSA. This has been validated for P192 > and P256 elliptic curves. > > Patches #5 and #6 add ECDSA tests to validate ECDSA functionality > and measure ECDSA performance. Who is going to use this in the kernel? Thanks, -- Email: Herbert XuHome Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html