From: Tom S. <to...@op...> - 2015-04-01 16:08:37

Hi Nils,

Happy to be the messenger of good news for OpenCoin. So, why don't we encourage these GSOC students to try to build a browser wallet?

I'd assume that the only thing holding this back was the lack of a proper RNG - I think that is the conclusion we came to a couple of years ago. Possibly the speed of browsers a few years ago may have also been prohibitive.

I'm not sure about the exact consistency of WebCrypto API implementations of higher level protocols (RSA, AES etc). I'm currently using standard javascript implementations of AES, ChaCha, SHA512, SHA256 implementations without any real speed issues. I'm sure asymmetric algorithms pose much greater performance issues. However, I believe this can be much faster when leveraging asm.js - though I haven't used the library I referenced earlier.

In that case, I'm not convinced that there is too much value in using the web-crypto versions of RSA/AES etc, seems likely that it won't be much more efficient - and you have to trust ALL the browser vendors to implement it securely, rather than a single implementation across all browsers.

>
> So use BigInt from ASM, the RNG from WebCrypto, RSA and other primitives
> from either and bang there you have all you need! :-)
>
> Nice to learn that the stuff we've been waiting for for many years have
> *finally* made it into the release-version of all major browsers. *phew*

Just to be clear, afaik there is no BigInt in asm.js, it is just implemented in the library using asm.js - nothing stopped anyone from implementing such a library without asm.js in plain javascript - and such libraries have long existed.

>> No support in less than IE11, though you could seed a pseudo-random
>> number generator with a random seed from a server request - I think -
>> but feels riskier.
> That would mean to trust the server, which is (trust-wise) equivalent to
> doing all crypto server-side in the first place. Not really an option.
>

Right, I guess that is true in the OpenCoin case - since the blinding is dependent on the RNG. It's not the case for all crypto purposes, for example when generating a nonce for AES, we are able to encrypt data in the browser without ever sending the key to the server. If the nonce were compromised it wouldn't be good - but it isn't equivalent to doing all the crypto server-side.

Cheers,

Tom x

>> Give me a call if you are ever in London
> Will do!
>
> x/n
>
>> Tom x
>>
>> On 01/04/15 14:41, Nils Toedtmann wrote:
>>> Re-reading http://sourceforge.net/p/opencoin/mailman/message/31090382/
>>> it looks like the issue was not lack of BigInt support (that was an
>>> issue with WebCrypto, not ASM), but crypto-grade randomness.
>>>
>>> That was almost 2 years ago. Has that improved? Or is there some other
>>> source for quality randomness in modern browsers?
>>>
>>> /n
>>>
>>> On 01.04.2015 14:31, Nils Toedtmann wrote:
>>>> On 01.04.2015 14:28, Nils Toedtmann wrote:
>>>>> Hi Tom!
>>>>>
>>>>> I vaguely remember - but i might be wrong - that there is an important
>>>>> crypto primitive missing, and that is blinding/unblinding. And
>>>>> unfortunately the API is only exposing crypto primitives, but not the
>>>>> underlying BigInt library, so you have to do it outside JS - which is
>>>>                                                  ^^^^^^^^^^^^^
>>>> Typo. I meant outside ASM
>>>>
>>>>> pretty slow.
>>>>>
>>>>> I think i even had conversations with the webcrypto gang about this.
>>>>> Will try to find it when i have more time.
>>>>>
>>>>> /n
>>>>>
>>>>> On 01.04.2015 13:15, Tom Salfield wrote:
>>>>>> Hi Stefan,
>>>>>>
>>>>>> On 15/03/15 21:41, Stefan Xenon wrote:
>>>>>>> A while ago we did some tests and found that native JS may be
>>>>>>> problematic because it is very slow for some of our crypto operations.
>>>>>>> We concluded that a native "module" would be a good choice when using
>>>>>>> Phonegap. This module would be native platform code (e.g. Java for
>>>>>>> Android) and perform the crypto calculation. Do you have experience in
>>>>>>> using such?
>>>>>> Out of interest what were the performance problems in doing this using
>>>>>> browser crypto? I'd have thought that with faster browsers, and built in
>>>>>> random number generation this should perform quite well by now. In
>>>>>> firefox and chrome and probably IE12 there is asm.js support - making
>>>>>> implementations potentially significantly faster:
>>>>>>
>>>>>> https://github.com/vibornoff/asmcrypto.js/tree/master/src
>>>>>>
>>>>>> Anyway, just interested to know where the bottleneck would be?
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>>> Tom
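
The point made in this thread, that blinding is only as private as the RNG behind it, shown as an added example that is not part of the original messages or of OpenCoin's code: textbook RSA blinding and unblinding with the factor r drawn from `crypto.getRandomValues`. It assumes a runtime with native BigInt (which did not exist when this thread was written), uses a constructed toy key with no hashing or padding, and every function name is hypothetical.

```javascript
// Added example, not code from the thread. Toy RSA key from two Mersenne
// primes (constructed for illustration; real keys are 2048 bits or more).
const rng = globalThis.crypto ??
  (typeof require === "function" ? require("node:crypto").webcrypto : undefined);
const P = 2n ** 61n - 1n, Q = 2n ** 89n - 1n, N = P * Q, E = 65537n;
const D = modInv(E, (P - 1n) * (Q - 1n)); // issuer's private exponent

function modPow(base, exp, mod) {
  let out = 1n;
  for (base %= mod; exp > 0n; exp >>= 1n, base = (base * base) % mod)
    if (exp & 1n) out = (out * base) % mod;
  return out;
}

// Extended Euclid: inverse of a mod m, or null when gcd(a, m) != 1.
function modInv(a, m) {
  let [r0, r1, s0, s1] = [a % m, m, 1n, 0n];
  while (r1 !== 0n) {
    const q = r0 / r1;
    [r0, r1, s0, s1] = [r1, r0 - q * r1, s1, s0 - q * s1];
  }
  return r0 === 1n ? ((s0 % m) + m) % m : null;
}

// Uniform r in [2, n) from the CSPRNG; rejection sampling avoids modulo bias.
function randomBelow(n) {
  const bits = n.toString(2).length;
  const buf = new Uint8Array(Math.ceil(bits / 8));
  for (;;) {
    rng.getRandomValues(buf);
    buf[0] &= 0xff >> (buf.length * 8 - bits);
    let v = 0n;
    for (const b of buf) v = (v << 8n) | BigInt(b);
    if (v >= 2n && v < n) return v;
  }
}

// Wallet side: hide m behind r^e. The issuer only ever sees `blinded`.
function blind(m, e, n) {
  for (;;) {
    const r = randomBelow(n), rInv = modInv(r, n);
    if (rInv !== null) return { blinded: (m * modPow(r, e, n)) % n, r, rInv };
  }
}
const signBlinded = (blinded, d, n) => modPow(blinded, d, n); // issuer side
const unblind = (s, rInv, n) => (s * rInv) % n;               // wallet side

// An issuer that knows r (say, it supplied the PRNG seed) strips the blinding.
const recoverWithKnownR = (b, r, e, n) => (b * modInv(modPow(r, e, n), n)) % n;
```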