From: Nils T. <ni...@op...> - 2015-04-01 17:08:48
On 01.04.2015 17:08, Tom Salfield wrote:
> Happy to be the messenger of good news for OpenCoin. So, why don't we
> encourage these GSOC students to try to build a browser wallet?

+1!

> I'd assume that the only thing holding this back was the lack of a
> proper RNG

That, and access to fast BigInt for blinding.

> - I think that is the conclusion we came to a couple of years
> ago. Possibly the speed of browsers a few years ago may have also been
> prohibitive.
>
> I'm not sure about the exact consistency of WebCrypto API implementations
> of higher level protocols (RSA, AES etc).
>
> I'm currently using standard javascript implementations of AES, ChaCha,
> SHA512, SHA256 implementations without any real speed issues. I'm sure
> asymmetric algorithms pose much greater performance issues.

They usually do. See this thread for some benchmark results on phones
where the blinding BigInt is done in standard JavaScript:

http://sourceforge.net/p/opencoin/mailman/message/30169063/

Now that might not have been the most efficient BigInt lib available,
and phone CPUs got faster since then, but i still expect 2048bit
blinding to be laggy without native BigInt support.

> However, I
> believe this can be much faster when leveraging asm.js - though I
> haven't used the library I referenced earlier.
>
> In that case, I'm not convinced that there is too much value in using
> the web-crypto versions of RSA/AES etc, seems likely that it won't be
> much more efficient - and you have to trust ALL the browser vendors to
> implement it securely, rather than a single implementation across all
> browsers.

It's probably up to the developers which library they prefer to use.

>> So use BigInt from ASM, the RNG from WebCrypto, RSA and other primitives
>> from either and bang there you have all you need! :-)
>>
>> Nice to learn that the stuff we've been waiting for for many years have
>> *finally* made it into the release-version of all major browsers.
>> *phew*
>
> Just to be clear, afaik there is no BigInt in asm.js, it is just
> implemented in the library using asm.js

Oh. Does that mean that there is still no accelerated BigInt in
browsers? That would throw us back again :-(

> - nothing stopped anyone from
> implementing such a library without asm.js in plain javascript - and
> such libraries have long existed.

I know, we use(d) them. They are slow.

>>> No support in less than IE11, though you could seed a pseudo-random
>>> number generator with a random seed from a server request - I think -
>>> but feels riskier.
>> That would mean to trust the server, which is (trust-wise) equivalent to
>> doing all crypto server-side in the first place. Not really an option.
>>
> Right, I guess that is true in the OpenCoin case - since the blinding is
> dependent on the RNG. It's not the case for all crypto purposes, for
> example when generating a nonce for AES, we are able to encrypt data in
> the browser without ever sending the key to the server. If the nonce
> were compromised it wouldn't be good - but it isn't equivalent to doing
> all the crypto server-side.

Agreed. I was only referring to OpenCoin, i should have made that clear.

/n

>>> Give me a call if you are ever in London
>> Will do!
>>
>> x/n
>>
>>> Tom x
>>>
>>> On 01/04/15 14:41, Nils Toedtmann wrote:
>>>> Re-reading http://sourceforge.net/p/opencoin/mailman/message/31090382/
>>>> it looks like the issue was not lack of BigInt support (that was an
>>>> issue with WebCrypto, not ASM), but crypto-grade randomness.
>>>>
>>>> That was almost 2 years ago. Has that improved? Or is there some other
>>>> source for quality randomness in modern browsers?
>>>>
>>>> /n
>>>>
>>>> On 01.04.2015 14:31, Nils Toedtmann wrote:
>>>>> On 01.04.2015 14:28, Nils Toedtmann wrote:
>>>>>> Hi Tom!
>>>>>>
>>>>>> I vaguely remember - but i might be wrong - that there is an important
>>>>>> crypto primitive missing, and that is blinding/unblinding. And
>>>>>> unfortunately the API is only exposing crypto primitives, but not the
>>>>>> underlying BigInt library, so you have to do it outside JS - which is
>>>>>                                                  ^^^^^^^^^^^^^
>>>>> Typo. I meant outside ASM
>>>>>
>>>>>> pretty slow.
>>>>>>
>>>>>> I think i even had conversations with the webcrypto gang about this.
>>>>>> Will try to find it when i have more time.
>>>>>>
>>>>>> /n
>>>>>>
>>>>>> On 01.04.2015 13:15, Tom Salfield wrote:
>>>>>>> Hi Stefan,
>>>>>>>
>>>>>>> On 15/03/15 21:41, Stefan Xenon wrote:
>>>>>>>> A while ago we did some tests and found that native JS may be
>>>>>>>> problematic because it is very slow for some of our crypto operations.
>>>>>>>> We concluded that a native "module" would be a good choice when using
>>>>>>>> Phonegap. This module would be native platform code (e.g. Java for
>>>>>>>> Android) and perform the crypto calculation. Do you have experience in
>>>>>>>> using such?
>>>>>>> Out of interest what were the performance problems in doing this using
>>>>>>> browser crypto? I'd have thought that with faster browsers, and built in
>>>>>>> random number generation this should perform quite well by now. In
>>>>>>> firefox and chrome and probably IE12 there is asm.js support - making
>>>>>>> implementations potentially significantly faster:
>>>>>>>
>>>>>>> https://github.com/vibornoff/asmcrypto.js/tree/master/src
>>>>>>>
>>>>>>> Anyway, just interested to know where the bottleneck would be?
>>>>>>>
>>>>>>> Thanks,
>>>>>>>
>>>>>>> Tom
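
The thread ties the blinding step to two things: a crypto-grade RNG and big-integer arithmetic. As an added example (not code from this thread or from OpenCoin), the following does textbook RSA blinding with `crypto.getRandomValues` for the blinding factor and the native `BigInt` type that later JavaScript engines provide. The toy key, the sample message and all function names are assumptions made for illustration; a real wallet would use a full-size key and a hashed, encoded message.

```javascript
const webCrypto = globalThis.crypto ?? require("node:crypto").webcrypto;
function modPow(base, exp, mod) {
  let result = 1n;
  for (base %= mod; exp > 0n; exp >>= 1n) {
    if (exp & 1n) result = (result * base) % mod;
    base = (base * base) % mod;
  }
  return result;
}

// Extended Euclid; returns null when a has no inverse modulo m.
function modInv(a, m) {
  let [r0, r1, s0, s1] = [a % m, m, 1n, 0n];
  while (r1 !== 0n) {
    const quot = r0 / r1;
    [r0, r1, s0, s1] = [r1, r0 - quot * r1, s1, s0 - quot * s1];
  }
  return r0 === 1n ? ((s0 % m) + m) % m : null;
}

// Uniform value in [0, n) from the platform CSPRNG, by rejection sampling.
function randomBelow(n) {
  const bits = n.toString(2).length;
  const bytes = new Uint8Array(Math.ceil(bits / 8));
  for (;;) {
    webCrypto.getRandomValues(bytes);
    bytes[0] &= 0xff >> (bytes.length * 8 - bits); // drop excess top bits
    const x = BigInt("0x" + Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join(""));
    if (x < n) return x;
  }
}

// Wallet side: hide m behind a fresh random factor r before sending it.
function blind(m, e, n) {
  for (;;) {
    const r = randomBelow(n);
    const rInv = r > 1n ? modInv(r, n) : null;
    if (rInv !== null) return { blinded: (m * modPow(r, e, n)) % n, rInv };
  }
}
const unblind = (blindSig, rInv, n) => (blindSig * rInv) % n;

// Added example: constructed toy key (two Mersenne primes), far too small for real use.
const p = 2n ** 127n - 1n, q = 2n ** 89n - 1n, n = p * q, e = 65537n, d = modInv(e, (p - 1n) * (q - 1n));
function roundTrip(m) {
  const { blinded, rInv } = blind(m, e, n); // wallet blinds
  const blindSig = modPow(blinded, d, n);   // issuer signs, never sees m
  const sig = unblind(blindSig, rInv, n);   // wallet unblinds
  return { blinded, sig, valid: modPow(sig, e, n) === m % n };
}
```

The unblinded signature is the same value the issuer would have produced by signing `m` directly, while each blinded value the issuer sees is different, which is why the quality of the RNG behind `randomBelow` decides whether the blinding hides anything.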