Menu
▾
▴
Re: [OpenCoin-devel] Fwd: [GSoC-2015] OpenCoin Digital Cash App
|
From: Nils T. <ni...@op...> - 2015-04-01 14:36:57
|
On 01.04.2015 15:24, Tom Salfield wrote: > Hey Nils, > > Firefox, Chrome and IE11+ all have in browser random number generators. Sure - but are they crypto-grade? > https://developer.mozilla.org/en-US/docs/Web/API/Window/crypto > > https://developer.mozilla.org/en-US/docs/Web/API/Crypto They are! So use BigInt from ASM, the RNG from WebCrypto, RSA and other primitives from either and bang there you have all you need! :-) Nice to learn that the stuff we've been waiting for for many years have *finally* made it into the release-version of all major browsers. *phew* > No support in less than IE11, though you could seed a pseudo-random > number generator with a random seed from a server request - I think - > but feels riskier. That would mean to trust the server, which is (trust-wise) equivalent to doing all crypto server-side in the first place. Not really an option. > Give me a call if you are ever in London Will do! x/n > Tom x > > > > On 01/04/15 14:41, Nils Toedtmann wrote: >> Re-reading http://sourceforge.net/p/opencoin/mailman/message/31090382/ >> it looks like the issue was not lack of BigInt support (that was an >> issue with WebCrypto, not ASM), but crypto-grade randomness. >> >> That was almost 2 years ago. Has that improved? Or is there some other >> source for quality randomness in modern browsers? >> >> /n >> >> >> On 01.04.2015 14:31, Nils Toedtmann wrote: >>> On 01.04.2015 14:28, Nils Toedtmann wrote: >>>> Hi Tom! >>>> >>>> I vaguely remember - but i might be wrong - that there is an important >>>> crypto primitive missing, and that is blinding/unblinding. And >>>> unfortunatly the API is only exposing crypto primitives, but not the >>>> underlying BigInt library, so you have to do it outside JS - which is >>> ^^^^^^^^^^^^^ >>> Typo. I meant outside ASM >>> >>>> pretty slow. >>>> >>>> I think i even had conversations with the webcrypto gang about this. >>>> Will try to find it when i have more time. >>>> >>>> /n >>>> >>>> >>>> On 01.04.2015 13:15, Tom Salfield wrote: >>>>> Hi Stefan, >>>>> >>>>> On 15/03/15 21:41, Stefan Xenon wrote: >>>>>> A while ago we did some tests and found that native JS may be >>>>>> problematic because it is very slow for some of our crypto operations. >>>>>> We concluded that a native "module" would be a good choice when using >>>>>> Phonegap. This module would be native platform code (e.g. Java for >>>>>> Android) and perform the crypto calculation. Do you have experience in >>>>>> using such? >>>>> Out of interest what were the performance problems in doing this using >>>>> browser crypto? I'd have thought that with faster browsers, and built in >>>>> random number generation this should perform quite well by now. In >>>>> firefox and chrome and probably IE12 there is asm.js support - making >>>>> implementations potentially significantly faster: >>>>> >>>>> https://github.com/vibornoff/asmcrypto.js/tree/master/src >>>>> >>>>> Anyway, just interested to know where the bottleneck would be? >>>>> >>>>> Thanks, >>>>> >>>>> Tom >>>>> >>>>> ------------------------------------------------------------------------------ >>>>> Dive into the World of Parallel Programming The Go Parallel Website, sponsored >>>>> by Intel and developed in partnership with Slashdot Media, is your hub for all >>>>> things parallel software development, from weekly thought leadership blogs to >>>>> news, videos, case studies, tutorials and more. Take a look and join the >>>>> conversation now. http://goparallel.sourceforge.net/ >>>>> _______________________________________________ >>>>> OpenCoin-devel mailing list >>>>> Ope...@li... >>>>> https://lists.sourceforge.net/lists/listinfo/opencoin-devel >>>>> > |
