On 24/11/10 11:33, Tobias Heer wrote:
Public bug reported: It would be fairly simple to implement ECC support in HIPL and some preliminary comparisons using the openssl suite indicate that ECDSA has a significant (4x) performance improvement over DSA (signatures). Verifications seem to be the same, though. As a first step, we could implement ECDSA and ECDH in HIPv1 style. Just add another HIT type and expect that the other side implements the necessary curves.
Add another HIT type? Just curious about this, do you mean a new ORCHID prefix or a new Contex ID in the creation of the HIT.
I was thinking this and wound up in situation where I did not find a solution and then I ran out of time. In HIP DSA is stored (in HOST_ID and in DNS) according to RFC 2536 and RSA is strored according to RFC 3110. For ECDSA I have not found any other document than this http://tools.ietf.org/html/draft-ietf-dnsext-ecc-key-10 expired draft. But the point that I am coming to is that we need (probably) a new specification that defines how elliptic curve keys are stored at least in HOST_ID if not in DNS. I have not checked this recently so the situation might have changed after that. Just thought that you might want to know.
BR, Samu
The curves implemented in openssl are certainly low-hanging fruits for doing this. All one needs to do is add anther cipher suite, and provide the right parameter lengths and openssl parameters. In HIPv2 we will have ECDSA support anyway but that requires some changes to the handshake as well. Some numbers coming from openssl speed openssl speed ecdsap160 Doing 160 bit sign ecdsa's for 10s: 42411 160 bit ECDSA signs in 9.96s Doing 160 bit verify ecdsa's for 10s: 9610 160 bit ECDSA verify in 9.94s openssl speed ecdsap160 Doing 160 bit sign ecdsa's for 10s: 42546 160 bit ECDSA signs in 9.99s Doing 160 bit verify ecdsa's for 10s: 9813 160 bit ECDSA verify in 9.98s openssl speed ecdsab163 Doing 163 bit sign ecdsa's for 10s: 12296 163 bit ECDSA signs in 9.98s Doing 163 bit verify ecdsa's for 10s: 4476 163 bit ECDSA verify in 9.99s openssl speed ecdsap256 Doing 256 bit sign ecdsa's for 10s: 25054 256 bit ECDSA signs in 9.91s Doing 256 bit verify ecdsa's for 10s: 5400 256 bit ECDSA verify in 9.98s openssl speed dsa1024 Doing 1024 bit sign dsa's for 10s: 10264 1024 bit DSA signs in 9.99s Doing 1024 bit verify dsa's for 10s: 8528 1024 bit DSA verify in 9.94s openssl speed dsa2048 Doing 2048 bit sign dsa's for 10s: 3139 2048 bit DSA signs in 9.86s Doing 2048 bit verify dsa's for 10s: 2618 2048 bit DSA verify in 9.83s These numbers were generated on a 2.1 GHz Intel Core 2 Duo. ** Affects: hipl Importance: Undecided Status: New ** Tags: ecc improvement