Apparently Julian's implementation isn't stateless.
[Imported from Trac: page OneHundredYearCryptography, version 26]
parent
0a1421cca1
commit
586458fe19
|
@ -28,7 +28,7 @@ Discussion on the tahoe-dev list with Zooko, Brian Warner, Jack Lloyd, and Daira
|
|||
|
||||
Zooko posted [//pipermail/tahoe-dev/2011-February/006133.html "back of the envelope" performance constraints]. Bottom-line: you get 30 million ARM instructions to implement one complete digital signature verification.
|
||||
|
||||
Julian Wälde has [*pipermail/tahoe-dev/2011-March/006237.html posted an actual implementation] of hash-based digital signatures! Exciting fact: his implementation [*pipermail/tahoe-dev/2011-July/006554.html meets] Zooko's [//pipermail/tahoe-dev/2011-February/006133.html performance criteria]!
|
||||
Julian Wälde has [*pipermail/tahoe-dev/2011-March/006237.html posted an actual implementation] of hash-based digital signatures. This scheme apparently isn't actually a *stateless* scheme like the ones discussed above, but it does meet [*pipermail/tahoe-dev/2011-July/006554.html meets] Zooko's [//pipermail/tahoe-dev/2011-February/006133.html performance criteria].
|
||||
|
||||
Brian and David-Sarah wrote [a simulator]source:trunk/misc/simulators/hashbasedsig.py or two to explore performance trade-offs in (stateless) hash-based signature parameters. The output of one run with the following parameters is this (note that the signing times include regeneration of per-message signing keys from a small long-term private key):
|
||||
```
|
||||
|
|
Loading…
Reference in a new issue