[Ndn-interest] SignatureSha256WithRsa, which RSA?

Junxiao Shi shijunxiao at email.arizona.edu
Wed Oct 2 08:53:17 PDT 2019

Dear folks


SignatureSha256WithRsa is the basic signature algorithm that MUST be
supported by any NDN-compliant software.
It defines an RSA public key signature that is calculated over SHA256 hash
of the Name, MetaInfo, Content, and SignatureInfo TLVs.

Looking over WebCrypto <https://diafygi.github.io/webcrypto-examples/>,
there are two variants of RSA suitable for signing:

   - RSASSA-PKCS1-v1_5
   - RSA-PSS

Which RSA variant is being defined by SignatureSha256WithRsa?
(yes, I could try each with existing implementations, but the protocol is
supposed to define everything unambiguously)

Then, WebCryptoAPI Live Table
<https://diafygi.github.io/webcrypto-examples/> discourages new
applications from using either variant of RSA, and recommends using ECDSA
and HMAC.
Also, the testbed root key
is SignatureSha256WithEcdsa since Dec 2017.
I think it's time to amend this statement:

SignatureSha256WithRsa MUST be supported by any NDN-compliant software.

My suggestion is:

   - SignatureSha256WithEcdsa with P-256 curve is required.
   - Other ECDSA curves are optional.
   - Other signing algorithms such as  SignatureSha256WithRsa are optional.

Yours, Junxiao
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/ndn-interest/attachments/20191002/545e2f10/attachment.html>

More information about the Ndn-interest mailing list