[Ndn-interest] SignatureSha256WithRsa, which RSA?

Davide Pesavento davidepesa at gmail.com
Mon Oct 7 13:58:21 PDT 2019


On Wed, Oct 2, 2019, 11:54 AM Junxiao Shi <shijunxiao at email.arizona.edu>
wrote:

> Dear folks
>
>
> https://named-data.net/doc/NDN-packet-spec/current/signature.html#signaturesha256withrsa
> say:
>
> SignatureSha256WithRsa is the basic signature algorithm that MUST be
> supported by any NDN-compliant software.
> It defines an RSA public key signature that is calculated over SHA256 hash
> of the Name, MetaInfo, Content, and SignatureInfo TLVs.
>
>
> Looking over WebCrypto <https://diafygi.github.io/webcrypto-examples/>,
> there are two variants of RSA suitable for signing:
>
>    - RSASSA-PKCS1-v1_5
>    - RSA-PSS
>
> Which RSA variant is being defined by SignatureSha256WithRsa?
> (yes, I could try each with existing implementations, but the protocol is
> supposed to define everything unambiguously)
>

If I remember correctly, it's the former.


>
> Then, WebCryptoAPI Live Table
> <https://diafygi.github.io/webcrypto-examples/> discourages new
> applications from using either variant of RSA, and recommends using ECDSA
> and HMAC.
> Also, the testbed root key
> <https://named-data.net/ndnsec/ndn-testbed-root-v2.ndncert.txt>
> is SignatureSha256WithEcdsa since Dec 2017.
> I think it's time to amend this statement:
>
> SignatureSha256WithRsa MUST be supported by any NDN-compliant software.
>
>
> My suggestion is:
>
>    - SignatureSha256WithEcdsa with P-256 curve is required.
>    - Other ECDSA curves are optional.
>    - Other signing algorithms such as SignatureSha256WithRsa are
>    optional.
>
>
I agree.



> Yours, Junxiao
>
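
The "try each" check mentioned in the question, as an added example that is not part of the original thread or of any NDN code base: it verifies one signature under both RSA variants and reports which one accepts it. It uses Node.js's built-in `crypto` module rather than WebCrypto; the key pair, the signed bytes and the helper names are constructed for the demonstration.

```javascript
const crypto = require('node:crypto');
const { RSA_PKCS1_PADDING, RSA_PKCS1_PSS_PADDING,
        RSA_PSS_SALTLEN_DIGEST, RSA_PSS_SALTLEN_AUTO } = crypto.constants;

// Constructed stand-in for the signed bytes of a packet (not real NDN TLV encoding).
const signedPortion = Buffer.from('constructed signed portion for the padding check');

// Throwaway 2048-bit key pair generated only for this demonstration.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Sign with SHA-256 under the named variant (hypothetical helper for the demo).
function signAs(variant, data) {
  const padding = variant === 'RSA-PSS'
    ? { padding: RSA_PKCS1_PSS_PADDING, saltLength: RSA_PSS_SALTLEN_DIGEST }
    : { padding: RSA_PKCS1_PADDING };
  return crypto.sign('sha256', data, { key: privateKey, ...padding });
}

// Return the names of the variants under which `signature` verifies.
function classifySignature(pub, data, signature) {
  const candidates = {
    'RSASSA-PKCS1-v1_5': { padding: RSA_PKCS1_PADDING },
    // AUTO recovers the salt length from the signature, so any PSS salt size is accepted.
    'RSA-PSS': { padding: RSA_PKCS1_PSS_PADDING, saltLength: RSA_PSS_SALTLEN_AUTO },
  };
  return Object.keys(candidates).filter((name) =>
    crypto.verify('sha256', data, { key: pub, ...candidates[name] }, signature));
}

// PKCS#1 v1.5 signatures are deterministic; PSS draws a fresh random salt each time.
function isDeterministic(variant, data) {
  return signAs(variant, data).equals(signAs(variant, data));
}

for (const variant of ['RSASSA-PKCS1-v1_5', 'RSA-PSS']) {
  const sig = signAs(variant, signedPortion);
  console.log(`signed as ${variant}: verifies as`,
    classifySignature(publicKey, signedPortion, sig),
    '| deterministic:', isDeterministic(variant, signedPortion));
}
```

To test an existing implementation, pass its public key, the exact signed bytes and the signature value to `classifySignature` in place of the constructed inputs.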