160 bit
--
Janus
On 21/09/2008 at 17:02, Claudio Orlandi wrote:
Could everyone specify the size of the field and the size of the
secret keys used?
Otherwise it's quite hard to understand the performance reported.
Regards,
Claudio
On Sun, Sep 21, 2008 at 4:59 PM, Adam Langley <[EMAIL PROTECTED]> wrote:
On Sun, Sep 21, 2008 at 3:23 AM, Martin Geisler <[EMAIL PROTECTED]> wrote:
Calling an ElGamal function in NaCl would be very cool and probably a bit
faster since you won't have to do all the tuple packing and unpacking
that you do in the Python version.
NaCl has support for a primitive called a 'box'. The boxing function
takes these inputs:
* The message
* A nonce
* The recipient's public key
* The sender's private key
Note that requiring the sender's private key makes this different from
most public key encryption functions. The unboxing function,
symmetrically, requires the sender's public key. (This boxing function
may be viewed as an encrypt+sign operation.)
If this fits your model, then NaCl already contains everything you
need. In this case, the underlying primitive is not ElGamal, but
Diffie-Hellman. The two keys are combined with ECDH and the nonce
(which both sides must know, but need not be secret) diversifies the
long-term shared key into a per-message key.
Based on timings for the x86-64 ECDH implementation, which I wrote,
4*10^6 operations should take about 880 seconds for a short message.
AGL
--
Adam Langley [EMAIL PROTECTED] http://www.imperialviolet.org
_______________________________________________
viff-devel mailing list (http://viff.dk/)
[email protected]
http://lists.viff.dk/listinfo.cgi/viff-devel-viff.dk
--
Claudio Orlandi
PhD student,
Department of Computer Science, Turing-223
Aarhus Universitet, Denmark
http://www.daimi.au.dk/~orlandi