You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Damian Kolasa <fa...@gmail.com> on 2013/04/04 19:02:39 UTC
Adding other digest algorithms for DSA
Hi everyone,
I'm planning to extend java lib of santuario with DSA_SHA256,384,512
algorithms (I need this for my masters degree thesis project). And I
have a question if maybe somebody has done that already and can give me
a patch ;) ?
Regards Damian
Re: Adding other digest algorithms for DSA
Posted by Ian Young <ia...@iay.org.uk>.
On 4 Apr 2013, at 18:17, "Cantor, Scott" <ca...@osu.edu> wrote:
> Ok. Well, 384 and 512 are simply not defined for DSA. At least based on
> the most recent algorithm summary I'm aware of:
>
> http://www.w3.org/2008/xmlsec/Drafts/xmlsec-algorithms/Overview.html
The equivalent IETF draft tells the same story:
http://datatracker.ietf.org/doc/draft-eastlake-additional-xmlsec-uris/
The standard (FIPS 186-3) does, if I'm reading it correctly, theoretically allow signatures using other approved hash algorithms such as SHA-512:
> It is recommended that the security strength of the (L, N) pair and the security strength of the hash function used for the generation of digital signatures be the same unless an agreement has been made between participating entities to use a stronger hash function. When the length of the output of the hash function is greater than N (i.e., the bit length of q), then the leftmost N bits of the hash function output block shall be used in any calculation using the hash function output during the generation or verification of a digital signature.
This is clearly not expected to be something anyone would want to do in a software implementation; that would be why there are no URIs specified for it. I'd guess that it's there to help out people who are building hardware implementations and don't want to build separate SHA-256 and SHA-512 hardware blocks.
-- Ian
Re: Adding other digest algorithms for DSA
Posted by "Cantor, Scott" <ca...@osu.edu>.
On 4/4/13 1:08 PM, "Damian Kolasa" <fa...@gmail.com> wrote:
>I'm doing a performance comparison of various digital signature schemes
>ECDSA, DSA and RSA, and for it to be as complete as possible I'm doing
>this for SHA1,256,384,512 digests and various curves/key lengths.
Ok. Well, 384 and 512 are simply not defined for DSA. At least based on
the most recent algorithm summary I'm aware of:
http://www.w3.org/2008/xmlsec/Drafts/xmlsec-algorithms/Overview.html
-- Scott
Re: Adding other digest algorithms for DSA
Posted by Damian Kolasa <fa...@gmail.com>.
I'm doing a performance comparison of various digital signature schemes
ECDSA, DSA and RSA, and for it to be as complete as possible I'm doing
this for SHA1,256,384,512 digests and various curves/key lengths.
Regards Damian
On 2013.04.04 19:05, Cantor, Scott wrote:
> On 4/4/13 1:02 PM, "Damian Kolasa" <fa...@gmail.com> wrote:
>
>> Hi everyone,
>> I'm planning to extend java lib of santuario with DSA_SHA256,384,512
>> algorithms (I need this for my masters degree thesis project). And I
>> have a question if maybe somebody has done that already and can give me
>> a patch ;) ?
> I believe the only defined algorithms in 1.1 are DSA with SHA1 and SHA256.
>
> DSA is also viewed as somewhat deprecated and is now optional in 1.1. In
> other words, why are you using it, and did you consider something else?
>
> -- Scott
>
>
Re: Adding other digest algorithms for DSA
Posted by "Cantor, Scott" <ca...@osu.edu>.
On 4/4/13 1:02 PM, "Damian Kolasa" <fa...@gmail.com> wrote:
>Hi everyone,
>I'm planning to extend java lib of santuario with DSA_SHA256,384,512
>algorithms (I need this for my masters degree thesis project). And I
>have a question if maybe somebody has done that already and can give me
>a patch ;) ?
I believe the only defined algorithms in 1.1 are DSA with SHA1 and SHA256.
DSA is also viewed as somewhat deprecated and is now optional in 1.1. In
other words, why are you using it, and did you consider something else?
-- Scott