View Issue Details

IDProjectCategoryView StatusLast Update
0005398GNUnetutil librarypublic2019-12-15 15:18
Reporterbfix Assigned ToChristian Grothoff  
Status closedResolutionfixed 
Platformi7OSDebian GNU/LinuxOS Versionsqueeze
Product VersionGit master 
Target Version0.12.0Fixed in Version0.12.0 
Summary0005398: redundant hash in EdDSA signature process
DescriptionThe EdDSA signature implementation in GNUnet calls the 'gcry_pk_sign
(&sig, msg, prv)' function not with the message itself, but with the
SHA512 hash value of the message.

Due to the intricities of EdDSA signing this is not necessary (hashing
is done in the sign function itself, as more than just the message is
hashed for this).

Although the GNUnet approach is not breaking things technically, it
produces unnecesary load: It is running an extra SHA512 - and because
the signed message is usually rather small (from what I have seen until
now the signed data is smaller than the 64 bytes of a SHA512 result),
the sign functions even needs to hash more data than necessary.

I guess that changing the sign/verify procedure would break
compatibility between new and old nodes and is therefore not feasable. I
just want to mention this in case a major version change is considered.

Thanks for your attention, Bernd.
Additional InformationShould be fixed when we next break compatibility "big time".
TagsNo tags attached.


Christian Grothoff

2019-02-12 09:01

manager   ~0013670

Targeting release 0.12.0 for this.

Christian Grothoff

2019-02-24 08:02

manager   ~0013976

Code to fix this is already in Git, just an #if 1 needs to be toggled. Location is marked with the bug number.

Christian Grothoff

2019-02-24 08:02

manager   ~0013977

(btw, I measured, could not find any difference in performance)

Christian Grothoff

2019-12-07 14:41

manager   ~0015130

Fixed in 7bb0b3291..a6b9d2e18


2019-12-15 15:18

administrator   ~0015182

0.12.0 released

Issue History

Date Modified Username Field Change
2018-07-11 23:29 Christian Grothoff New Issue
2018-07-11 23:30 Christian Grothoff Reporter Christian Grothoff => bfix
2018-07-11 23:30 Christian Grothoff Status new => confirmed
2019-02-12 09:01 Christian Grothoff Target Version => 0.12.0
2019-02-12 09:01 Christian Grothoff Note Added: 0013670
2019-02-24 08:01 Christian Grothoff Assigned To => Christian Grothoff
2019-02-24 08:01 Christian Grothoff Status confirmed => assigned
2019-02-24 08:02 Christian Grothoff Note Added: 0013976
2019-02-24 08:02 Christian Grothoff Note Added: 0013977
2019-12-07 14:41 Christian Grothoff Status assigned => resolved
2019-12-07 14:41 Christian Grothoff Resolution open => fixed
2019-12-07 14:41 Christian Grothoff Fixed in Version => 0.12.0
2019-12-07 14:41 Christian Grothoff Note Added: 0015130
2019-12-15 15:18 schanzen Note Added: 0015182
2019-12-15 15:18 schanzen Status resolved => closed