Frank Denis
Frank Denis
By the way, the compiler makes a difference. ```sh $ env CC="gcc -march=native" make $ ./aegis128x2 1000000 100000 average throughput: 50550 msg/s average throughput: 404400 Mb/s $./aegis128x4 1000000 100000 average...
This is with gcc 12.2.0 and clang 15.0.7 from Ubuntu Lunar, so maybe figures are different with the latest version of these compilers.
Hi! The `wasmsign2` crate can be compiled to WebAssembly, including the `wasm32-unknown-unknown` target that browsers can load without a polyfill. This is a good start :) Using it from Javascript...
Hi Herman, I must confess that I don't follow what Ed25519ph would bring over Ed25519 here, since the message to be signed/verified is guaranteed to be very small. It can...
There's a major difference between what's being done here and Ed25519ph. What is being signed is not a hash of a message. It's a message made of the concatenation of...
Good catch. Signatures should include the algorithm prefix (matching the one from the public key). That was a last minute addition to the spec, and `wasmsign2` was indeed not updated...
Regarding prehashing, adding support for ECDSA to the spec (or replacing Ed25519 with it) may be better than Ed25519ph. It is more widely available, and has a higher probably of...
The `wasmsign2` implementation was updated to match the specification regarding the signatures, thanks a lot for reporting this!
I have to look at `cosign` and `rekor` more closely in order to understand what happens where. So, Rekor gets you the hash and the signature. In `cosign`, instead of...
Awwww crap. That being said, it shows that having the algorithm ID before the signature is more intuitive from an implementation perspective. And it actually makes more sense. The `signature`...