[Ndn-interest] SignatureSha256WithRsa, which RSA?
Junxiao Shi
shijunxiao at email.arizona.edu
Wed Oct 2 08:53:17 PDT 2019
Dear folks
https://named-data.net/doc/NDN-packet-spec/current/signature.html#signaturesha256withrsa
says:
SignatureSha256WithRsa is the basic signature algorithm that MUST be
supported by any NDN-compliant software.
It defines an RSA public key signature that is calculated over SHA256 hash
of the Name, MetaInfo, Content, and SignatureInfo TLVs.
Looking over WebCrypto <https://diafygi.github.io/webcrypto-examples/>,
there are two variants of RSA suitable for signing:
- RSASSA-PKCS1-v1_5
- RSA-PSS
Which RSA variant is being defined by SignatureSha256WithRsa?
(yes, I could try each with existing implementations, but the protocol is
supposed to define everything unambiguously)
Then, WebCryptoAPI Live Table
<https://diafygi.github.io/webcrypto-examples/> discourages new
applications from using either variant of RSA, and recommends using ECDSA
and HMAC.
Also, the testbed root key
<https://named-data.net/ndnsec/ndn-testbed-root-v2.ndncert.txt>
is SignatureSha256WithEcdsa since Dec 2017.
I think it's time to amend this statement:
SignatureSha256WithRsa MUST be supported by any NDN-compliant software.
My suggestion is:
- SignatureSha256WithEcdsa with P-256 curve is required.
- Other ECDSA curves are optional.
- Other signing algorithms such as SignatureSha256WithRsa are optional.
Yours, Junxiao