Return-Path: Delivered-To: apmail-couchdb-user-archive@www.apache.org Received: (qmail 63906 invoked from network); 9 Mar 2009 00:11:27 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 9 Mar 2009 00:11:27 -0000 Received: (qmail 94891 invoked by uid 500); 9 Mar 2009 00:11:27 -0000 Delivered-To: apmail-couchdb-user-archive@couchdb.apache.org Received: (qmail 94233 invoked by uid 500); 9 Mar 2009 00:11:25 -0000 Mailing-List: contact user-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@couchdb.apache.org Delivered-To: mailing list user@couchdb.apache.org Received: (qmail 94222 invoked by uid 99); 9 Mar 2009 00:11:25 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 08 Mar 2009 17:11:25 -0700 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of nunojobpinto@gmail.com designates 209.85.217.162 as permitted sender) Received: from [209.85.217.162] (HELO mail-gx0-f162.google.com) (209.85.217.162) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 09 Mar 2009 00:11:15 +0000 Received: by gxk6 with SMTP id 6so2205911gxk.11 for ; Sun, 08 Mar 2009 17:10:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=7A3KfFpzp//Gc8FUoko8/uItbCoIexNxN2i4q3YmL0k=; b=uO/a/xn11Qxbrsd8cewaWCzLfO4PCf4KBk81j7Gk4i6cwjuYRXXnPnpViusOYW0HVN 8rcY8VgjASNmqHvNqXKOCVaqV2SoOHUBFb9NvDuYo0WYdxZFf6IMnJn5Q2WVxN0mkD8G 6QiaAXvqQVUCsPa/rf5+xTDwZrTrHhQCN7nX0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=XaTIu8LlS9wVkGl+cWyRfqyP7XKkdtVuJvSlYmlGvu4KxwC3GEGWLU3WJ2TX3rCUk0 oqlf9u2Dw5XwAQIVsu2MCzWevcRenjFHUv1caj6aY6643kXcy/UvG0SNTbpRmF2MNwDg zQI3yFb6QlAZwVV/bFVx3FHliAIsL1NBqbQD4= MIME-Version: 1.0 Received: by 10.220.81.15 with SMTP id v15mr1409975vck.65.1236557454411; Sun, 08 Mar 2009 17:10:54 -0700 (PDT) In-Reply-To: <3BC004F2-6BF3-43BA-94D9-FB8D4E8DEE99@mooseyard.com> References: <283A6EDD-6701-4A6A-88AE-8B97E6D11D9E@mooseyard.com> <3BC004F2-6BF3-43BA-94D9-FB8D4E8DEE99@mooseyard.com> Date: Sun, 8 Mar 2009 20:10:54 -0400 Message-ID: <30d0cf2c0903081710s60c3a4f3x6745734653c52035@mail.gmail.com> Subject: Re: Proposal for digital signatures of documents From: Nuno Job To: user@couchdb.apache.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org > (RSA is ubiquitous but getting old; apparently elliptic-key systems are > gaining favor because they provide more security per bit of key length. I > don't know whether they're any less compute-intensive than RSA. I'll do some > research and try to find JS impls of any of these.) Elliptic-key systems [http://en.wikipedia.org/wiki/Elliptic_curve_cryptography] are not about RSA, DSA or whatever. They are mostly about getting the same security level using less bits, thus you can achieve the same encryption security using less calculations. So yes, it's less compute-intensive and they were first used in mobile devices (reduced memory). I think all of this is very interesting, secure multi-part computation, digital signatures, etc. But please use standards and don't reinvent the wheel unless your sure the standard does not fit it's own purpose (which happens sometimes :P). I small note on elliptic curves. They are a mathematical construct that given two numbers (x and y) allow you to compute another one (z) but given that z you cannot determine which x and y generated them [http://www.certicom.com/images/content/resources/ecc_tutorial/ec2_1_3.gif]. The objective of most one-way hash functions is to have something really simple to compute but very hard to reverse engineer. So this fits perfectly. Previously we mostly used prime factorization algorithms and some others i forgot :P Nuno