Long shot... but does anyone have experience using NaCl to generate crypto keys? I'd be really grateful for any pointers on generating public key pairs of differing bit lengths using NaCl/libsodium.
Replying to @CiPHPerCoder
That is a very good question. I didn't write the specification this applies to, but the public key is intended to be concatenated to another public key, base64 encoded, and transmitted via DNS. I guess it's so that it'll fit inside the permitted 255 chars for a string in a TXT record.
Replying to @pgchamberlin @CiPHPerCoder
... but still with the security of having a longer private key.
Replying to @pgchamberlin
What asymmetric algorithm is being used by the specification? Libsodium only does Ed25519 and X25519.
Replying to @CiPHPerCoder @pgchamberlin
The public key size for both is 32 bytes (44 characters when base64-encoded). The private key size for Ed25519 is 64 bytes, while X25519's is 32.
Replying to @CiPHPerCoder
Ah! I've just twigged. It's Ed25519. 256 bits both public and private key. For signing efficiency a precomputed scalar product is concatenated to the private key to make a 512 bit secret key.
Replying to @CiPHPerCoder @pgchamberlin
It's seed || pk, where seed is hashed with SHA512
But all of this fits without any problem in TXT records. See how DNSCrypt certificates are transmitted: https://dnscrypt.info/protocol
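The key sizes and the `seed || pk` layout discussed in this thread, as an added example that is not part of any participant's tweets and is not libsodium's code: a pure-Python derivation of the Ed25519 public key following the RFC 8032 reference arithmetic (not constant-time, for illustration only). The function names are hypothetical, the second seed is constructed, and the "other" public key is assumed to be 32 bytes as well.

```python
import base64, hashlib

P = 2**255 - 19                              # field prime
D = -121665 * pow(121666, P - 2, P) % P      # Edwards curve constant d

def recover_x(y):
    # Solve the curve equation for x and return the even root (RFC 8032, 5.1.3).
    x2 = (y * y - 1) * pow(D * y * y + 1, P - 2, P) % P
    x = pow(x2, (P + 3) // 8, P)
    if (x * x - x2) % P:
        x = x * pow(2, (P - 1) // 4, P) % P
    return P - x if x & 1 else x

BY = 4 * pow(5, P - 2, P) % P
BX = recover_x(BY)
B = (BX, BY, 1, BX * BY % P)                 # base point, extended coordinates

def point_add(p, q):
    a = (p[1] - p[0]) * (q[1] - q[0]) % P
    b = (p[1] + p[0]) * (q[1] + q[0]) % P
    c = 2 * p[3] * q[3] * D % P
    d = 2 * p[2] * q[2] % P
    e, f, g, h = b - a, d - c, d + c, b + a
    return (e * f % P, g * h % P, f * g % P, e * h % P)

def public_key(seed):
    # The 32-byte seed is hashed with SHA-512; the clamped low half is the scalar.
    a = int.from_bytes(hashlib.sha512(seed).digest()[:32], "little")
    a = (a & ((1 << 254) - 8)) | (1 << 254)
    q, p = (0, 1, 1, 0), B                   # q starts as the neutral element
    while a:                                 # double-and-add: q = a * B
        if a & 1:
            q = point_add(q, p)
        p = point_add(p, p)
        a >>= 1
    zinv = pow(q[2], P - 2, P)
    x, y = q[0] * zinv % P, q[1] * zinv % P
    return (y | ((x & 1) << 255)).to_bytes(32, "little")

def secret_key(seed):
    return seed + public_key(seed)           # 64 bytes: seed || pk

def txt_string(pk_a, pk_b):
    s = base64.b64encode(pk_a + pk_b).decode()
    if len(s) > 255:                         # one TXT character-string limit
        raise ValueError("does not fit in a single TXT string")
    return s

RFC_SEED = bytes.fromhex(                    # RFC 8032 section 7.1, test 1
    "9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60")
OTHER_SEED = bytes(range(32))                # constructed sample seed
```

Two concatenated 32-byte public keys encode to 88 base64 characters, well under the 255-character limit mentioned above.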
Replying to @jedisct1 @pgchamberlin
Yeah I didn't know which protocol he was alluding to
Replying to @CiPHPerCoder @pgchamberlin
Pretty much all protocols, all languages, can use binary data these days. Why do people still systematically base64 encode everything?