Deterministic ECDSA - RFC6979

[karel-m]

It would be nice to support deterministic ecc signatures - see https://tools.ietf.org/html/rfc6979

It is related only to ecc_sign_hash_ex as the verification works as usual.

It can be done without any API change, simply when prng parametr of ecc_sign_hash_ex is passed NULL then we will not throw an error but create the deterministic signature as described in RFC6979.

Any takers?

Cc: @rmw42 - what do you think? IMO you have pretty impressive ECDSA-related traction during last few weeks 😄

[rmw42]

Yeah, it'd be a useful feature to support. If it can wait a week or two, I can find some time to work on it... the RFC is quite hard to follow but at the core it's only really a couple of chained HMAC operations, if memory serves, and there are a load of test vectors.

[karel-m]

No problem, it can wait a month (or two).

[rmw42]

OK, pretty sure I can find the time to do this, then 😄

[danzadok]

Hi, I also would like to have this rfc6979 support. Has it already implemented.

[rmw42]

Hi @danzadok!

Sorry, some stuff came up at the end of last year and I wasn't able to work on it. I've read through all the details in the RFC and I'm working on it now :)

[danzadok]

Thanks a lot. Please let me know when done. I will be your beta :)

https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=icon Virus-free. www.avast.com https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=link <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>

On Mon, Dec 31, 2018 at 6:12 PM Russ Williams notifications@github.com wrote:

Hi @danzadok https://github.com/danzadok!

Sorry, some stuff came up at the end of last year and I wasn't able to work on it. I've read through all the details in the RFC and I'm working on it now :)

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/libtom/libtomcrypt/issues/441#issuecomment-450663252, or mute the thread https://github.com/notifications/unsubscribe-auth/AYXLb7kXW_M7UEp2v8QdPjUY3acZFF6wks5u-jdegaJpZM4XFwAK .

-- :) Danny Zadok

[danzadok]

Hi Any news about that? Danny

On Mon, Dec 31, 2018, 10:17 PM Danny Zadok <dan.zadok@gmail.com wrote:

Thanks a lot. Please let me know when done. I will be your beta :)

https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=icon Virus-free. www.avast.com https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=link <#m_983535513776717579_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>

On Mon, Dec 31, 2018 at 6:12 PM Russ Williams notifications@github.com wrote:

Hi @danzadok https://github.com/danzadok!

Sorry, some stuff came up at the end of last year and I wasn't able to work on it. I've read through all the details in the RFC and I'm working on it now :)

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/libtom/libtomcrypt/issues/441#issuecomment-450663252, or mute the thread https://github.com/notifications/unsubscribe-auth/AYXLb7kXW_M7UEp2v8QdPjUY3acZFF6wks5u-jdegaJpZM4XFwAK .

-- :) Danny Zadok

[danzadok]

Hi I really need this feature. Can someone help me to implement it?

[rmw42]

Sorry, I've been really short on time recently :( This is as far as I've got so far: https://github.com/libtom/libtomcrypt/pull/477

It's still not working correctly, I need to dig into the results of the hash chain and check that it's coming up with the correct results/keys.

[bbrtj]

Hey, any news? Is anyone working on this?

[joakim-tjernlund]

This seems stalled?