[tahoe-dev] (get) Down with ECDSA
Brian Warner
warner at lothar.com
Thu Aug 20 11:06:16 PDT 2009
As Zooko pointed out, our main requirements are:
* short signing key, so writecaps are short
* short verifying key, so readcaps are short (note that confidentiality
requires a second cryptovalue in the readcap, which adds pressure on
the verifying key length)
* fast keypair generation, so mkdir is fast
Other would-be-nice-to-have features:
* intermediate keys, which would give us readcaps with just one
cryptovalue
* short signatures, which would make other (non-mutable-file) uses of
this algorithm less cumbersome, specifically URLs which contain
"my-right-to-consume-storage" Accounting certificate chains
* fast signature generation/checking, to make mutfile/dirnode
operations faster in general
And of course, the number one feature:
* a working, stable implementation in pycryptopp
According to http://allmydata.org/trac/tahoe/ticket/331 , we've been
waiting 18 months for this one, so at this point I'm willing to go with
a generally-considered-secure-but-lacking-strong-proof algorithm over a
has-strong-proof-but-no-implementations one :-).
cheers,
-Brian
More information about the tahoe-dev
mailing list