search

annando / salmon-protocol

Automatically exported from code.google.com/p/salmon-protocol
0 stars 0 forks source link

Magic Signatures: Private RSA key format issue #11

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
(From blog post comment): "Adding 'd' is not sufficient for an RSA private 
key *format*.
Private key operations, such as signing, are significantly faster (twice as 
fast I 
think) if you know the prime factors of the modulus so you can use the 
Chinese Remainder Theorem. That is too big an advantage to exclude.

The standard RSA private key format includes 8 numbers: n, e, d, p, q, d 
mod p-1, d mod q-1, and q^-1 mod p.

If you really want a minimal format perhaps n.e.[d][.p] would do. If you only 
have d (but not the primes) use n.e.d; if you have the primes use n.e..p, from 
which you can calculate all the other numbers. Minor bonus: n.e..p is shorter 
than n.e.d (only ~75% of the length). "

Original issue reported on code.google.com by jpanzer@google.com on 27 Feb 2010 at 6:00

GoogleCodeExporter commented 9 years ago 
I think the spec should probably not discuss the private key format, which can 
be totally separate from the 
simple public key format.  Thoughts?  (I needed something to test with and for 
that performance isn't an 
issue, but that doesn't need to be in the spec at all.)

So section 10 would read:

The application/magic-key format is a very minimal format for representing 
public key data. It consists of a 
string of ASCII text, separated into 3 components, with components separated by 
a "." (0x2E) character. The 
first component is the key type; this specification only defines the "RSA" key 
type for future upgradeability. 
Thus a magic key consists of the string RSA.modulus(n).exponent(e). The pair 
(n, e) is used as input to 
RSASSA-PKCS1-V1_5-VERIFY.

Original comment by jpanzer@google.com on 6 Apr 2010 at 10:49

GoogleCodeExporter commented 9 years ago 
Resolved:  The spec will not talk about the private key format to be used, as 
it's outside the 
scope of the spec.

Original comment by jpanzer@google.com on 15 Apr 2010 at 9:57

GoogleCodeExporter commented 9 years ago

Original comment by jpanzer@google.com on 19 Jun 2010 at 7:25

GoogleCodeExporter commented 9 years ago 
Fixed in revision 104.

Original comment by jpanzer@google.com on 19 Jun 2010 at 7:39

GoogleCodeExporter commented 9 years ago

Original comment by jpanzer@google.com on 19 Jun 2010 at 7:39