aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
authorHauke Mehrtens <hauke@hauke-m.de>2018-06-24 21:27:41 +0200
committerHauke Mehrtens <hauke@hauke-m.de>2018-07-07 18:33:53 +0200
commitb19622044d492e9eff9d880d6bc1fc9486774886 (patch)
treea3530cab6b319dbf5ae30adc429d8084a4b8b492 /config
parent5a078180d08db8d4261119cd396a38b0261bfc5b (diff)
downloadupstream-b19622044d492e9eff9d880d6bc1fc9486774886.tar.gz
upstream-b19622044d492e9eff9d880d6bc1fc9486774886.tar.bz2
upstream-b19622044d492e9eff9d880d6bc1fc9486774886.zip
mbedtls: Activate deterministic ECDSA
With deterministic ECDSA the value k needed for the ECDSA signature is not randomly generated any more, but generated from a hash over the private key and the message to sign. If the value k used in a ECDSA signature or the relationship between the two values k used in two different ECDSA signatures over the same content is know to an attacker he can derive the private key pretty easily. Using deterministic ECDSA as defined in the RFC6979 removes this problem by deriving the value k deterministically from the private key and the content which gets signed. The resulting signature is still compatible to signatures generated not deterministic. This increases the size of the ipk on mips 24Kc by about 2 KByte. old: 166.240 libmbedtls_2.11.0-1_mips_24kc.ipk new: 167.811 libmbedtls_2.11.0-1_mips_24kc.ipk This does not change the ECDSA performance in a measurable way. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Diffstat (limited to 'config')
0 files changed, 0 insertions, 0 deletions