Re: [Monotone-devel] Re: fatal: Botan::PRNG_Unseeded


From: Jack Lloyd
Subject: Re: [Monotone-devel] Re: fatal: Botan::PRNG_Unseeded
Date: Tue, 1 Apr 2008 13:56:11 -0400
User-agent: Mutt/1.5.11

On Tue, Apr 01, 2008 at 11:18:22AM +0200, Lapo Luchini wrote:
> Nathaniel Smith wrote:
> >>What else are random numbers used for? As I understand it, signing
> >>does not use random numbers, but maybe I'm confused.
> >
> >IIRC signatures do include random nonces -- I think this is one of the
> >things I picked up from Paul's rants about our cryptography -- but I
> >could be wrong too.
> 
> AFAIR he was complaining about the very fact that we currently use 
> signatures that don't, and proposed to change 'em =)
> 

Monotone uses EMSA3 (aka PKCS#1 v1.5), which is a deterministic
encoding. So for a fixed input, the same key will always produce the
same signature. (The generally accepted solution for RSA signature
padding is EMSA4 aka PSS, which is a randomized method).

-Jack
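Jack's point above, that an EMSA3 (PKCS#1 v1.5) signature is a fixed function of key and message while EMSA4 (PSS) salts every signature, can be seen directly. The following is an added example, not code from this thread, from Monotone or from Botan: a small pure-Python rendering of both RFC 8017 encodings over a toy RSA key generated on the spot. The key, the sample message and all function names are constructed for the demo.

```python
import hashlib
import secrets

HASH, H_LEN = hashlib.sha256, 32
SHA256_DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")  # RFC 8017 9.2

def _is_probable_prime(n, rounds=16):
    """Miller-Rabin probable-prime test (sufficient for a demo key)."""
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    r = ((n - 1) & (1 - n)).bit_length() - 1  # n - 1 == d * 2**r with d odd
    d = (n - 1) >> r
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def generate_key(bits=1024):
    """Toy RSA key (n, e, d) constructed for this demo; not a Monotone key."""
    e, primes = 65537, []
    while len(primes) < 2:
        cand = secrets.randbits(bits // 2) | (1 << (bits // 2 - 1)) | 1  # top and low bit set
        if _is_probable_prime(cand) and cand not in primes and (cand - 1) % e:
            primes.append(cand)
    p, q = primes
    return p * q, e, pow(e, -1, (p - 1) * (q - 1))

def emsa3_encode(msg, em_len):
    """EMSA3 / EMSA-PKCS1-v1_5: no randomness, so the output depends only on msg."""
    t = SHA256_DIGESTINFO + HASH(msg).digest()
    if em_len < len(t) + 11:
        raise ValueError("intended encoded message length too short")
    return b"\x00\x01" + b"\xff" * (em_len - len(t) - 3) + b"\x00" + t

def _mgf1(seed, length):
    blocks = (HASH(seed + i.to_bytes(4, "big")).digest() for i in range(-(-length // H_LEN)))
    return b"".join(blocks)[:length]

def emsa_pss_encode(msg, em_bits, salt=None):
    """EMSA4 / EMSA-PSS (RFC 8017 9.1.1): a fresh random salt unless one is supplied."""
    em_len = (em_bits + 7) // 8
    if em_len < 2 * H_LEN + 2:
        raise ValueError("encoding error")
    salt = secrets.token_bytes(H_LEN) if salt is None else salt
    h = HASH(b"\x00" * 8 + HASH(msg).digest() + salt).digest()
    db = b"\x00" * (em_len - 2 * H_LEN - 2) + b"\x01" + salt
    masked = bytearray(a ^ b for a, b in zip(db, _mgf1(h, em_len - H_LEN - 1)))
    masked[0] &= 0xFF >> (8 * em_len - em_bits)  # clear the surplus leftmost bits
    return bytes(masked) + h + b"\xbc"

def emsa_pss_verify(msg, em, em_bits):
    """EMSA-PSS verification (RFC 8017 9.1.2) for a 32-byte salt."""
    em_len, clear = (em_bits + 7) // 8, 8 * ((em_bits + 7) // 8) - em_bits
    if len(em) != em_len or em_len < 2 * H_LEN + 2 or em[-1] != 0xBC:
        return False
    masked, h = em[: em_len - H_LEN - 1], em[em_len - H_LEN - 1 : -1]
    if masked[0] >> (8 - clear):  # surplus leftmost bits must be zero
        return False
    db = bytearray(a ^ b for a, b in zip(masked, _mgf1(h, em_len - H_LEN - 1)))
    db[0] &= 0xFF >> clear
    ps_len = em_len - 2 * H_LEN - 2
    if any(db[:ps_len]) or db[ps_len] != 0x01:
        return False
    h2 = HASH(b"\x00" * 8 + HASH(msg).digest() + bytes(db[-H_LEN:])).digest()
    return secrets.compare_digest(h, h2)

def sign(key, msg, scheme):
    """Textbook RSA signature with scheme "emsa3" (deterministic) or "pss" (randomized)."""
    n, _, d = key
    k = (n.bit_length() + 7) // 8
    em = emsa3_encode(msg, k) if scheme == "emsa3" else emsa_pss_encode(msg, n.bit_length() - 1)
    return pow(int.from_bytes(em, "big"), d, n).to_bytes(k, "big")

def verify(key, msg, sig, scheme):
    n, e, _ = key
    k = (n.bit_length() + 7) // 8
    if len(sig) != k or int.from_bytes(sig, "big") >= n:
        return False
    em = pow(int.from_bytes(sig, "big"), e, n).to_bytes(k, "big")
    if scheme == "emsa3":
        return secrets.compare_digest(em, emsa3_encode(msg, k))
    return emsa_pss_verify(msg, em[-((n.bit_length() + 6) // 8):], n.bit_length() - 1)

def demo(key=None, msg=b"constructed sample data to sign"):
    """Sign the same message twice per scheme: EMSA3 repeats itself, PSS does not."""
    key = key or generate_key()
    s1, s2 = sign(key, msg, "emsa3"), sign(key, msg, "emsa3")
    p1, p2 = sign(key, msg, "pss"), sign(key, msg, "pss")
    valid = all(verify(key, msg, s, "emsa3") for s in (s1, s2)) and all(
        verify(key, msg, p, "pss") for p in (p1, p2))
    return {"emsa3_identical": s1 == s2, "pss_identical": p1 == p2, "all_verify": valid}
```

Calling `demo()` yields `emsa3_identical` True, `pss_identical` False and `all_verify` True: both schemes verify, but only PSS makes two signatures over the same data look different, because the verifier recovers the salt from the encoded message rather than needing it in advance. The determinism of EMSA3 is a property of the padding rather than a flaw on its own; the randomized salt is what gives PSS its tighter security argument, which is why it is the recommended choice Jack mentions. This is illustration code with textbook RSA and no blinding; production signing belongs in a vetted library such as Botan itself.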
