|
roy7 (OP)
|
 |
June 12, 2013, 04:59:03 PM |
|
I don't know much about encryption but I recall some older forms had security issues if you had messages that were too short. (Shorter than the key length? Not sure.) Is there any similar issues with signing messages with bitcoin? If I ask someone to sign a single word for instance, just 4-10 characters long, is that any sort of a security issue?
Thanks.
|
|
|
|
|
kodo
Newbie
 Offline
Activity: 42
Merit: 0
|
|
June 12, 2013, 05:48:49 PM |
|
I don't know much about encryption but I recall some older forms had security issues if you had messages that were too short. (Shorter than the key length? Not sure.) Is there any similar issues with signing messages with bitcoin? If I ask someone to sign a single word for instance, just 4-10 characters long, is that any sort of a security issue?
Thanks.
I still dont understand how to encrypt text.. |
|
|
|
|
|
roy7 (OP)
|
|
June 12, 2013, 07:21:35 PM |
|
I don't know much about encryption but I recall some older forms had security issues if you had messages that were too short. (Shorter than the key length? Not sure.) Is there any similar issues with signing messages with bitcoin? If I ask someone to sign a single word for instance, just 4-10 characters long, is that any sort of a security issue?
Thanks.
I still dont understand how to encrypt text.. Bitcoin doesn't do any encryption of text, but it can sign text to prove you own the public key. Since it's the same underlying science as normal public key encryption I wanted to be sure signing short messages didn't open any sort of attack on the private key. |
|
|
|
|
domob
Legendary
Offline
Activity: 1135
Merit: 1170
|
|
June 12, 2013, 07:24:38 PM |
|
Don't take my word for it (I'm neither expert with the code nor with crypto), but I presume for signing a message you first hash it and then sign the hash. Thus it is completely irrelevant how large the message is because you always end up doing your crypto on a fixed-size hash.
|
Use your Namecoin identity as OpenID: https://nameid.org/Donations: 1 domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NC domobcmcmVdxC5yxMitojQ4tvAtv99pY BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS | GPG 0xA7330737 |
|
|
kjj
Legendary
Offline
Activity: 1302
Merit: 1026
|
|
June 12, 2013, 08:00:55 PM |
|
Don't take my word for it (I'm neither expert with the code nor with crypto), but I presume for signing a message you first hash it and then sign the hash. Thus it is completely irrelevant how large the message is because you always end up doing your crypto on a fixed-size hash.
vector<unsigned char> vchSig;
if (!key.SignCompact(Hash(ss.begin(), ss.end()), vchSig))
throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Sign failed");
Yup. |
17Np17BSrpnHCZ2pgtiMNnhjnsWJ2TMqq8
I routinely ignore posters with paid advertising in their sigs. You should too.
|
|
|
|
roy7 (OP)
|
|
June 12, 2013, 08:51:51 PM |
|
Ok cool, thank you!
|
|
|
|
|
jackjack
Legendary
Offline
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
|
|
June 12, 2013, 09:04:30 PM |
|
I don't know much about encryption but I recall some older forms had security issues if you had messages that were too short. (Shorter than the key length? Not sure.) Is there any similar issues with signing messages with bitcoin? If I ask someone to sign a single word for instance, just 4-10 characters long, is that any sort of a security issue?
Thanks.
I still dont understand how to encrypt text.. Bitcoin doesn't do any encryption of text, but it can sign text to prove you own the public key. Since it's the same underlying science as normal public key encryption I wanted to be sure signing short messages didn't open any sort of attack on the private key. You can encrypt text with bitcoin private keys |
Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2 Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc. |
|
|
|
threeip
|
|
June 12, 2013, 09:07:18 PM |
|
I don't know much about encryption but I recall some older forms had security issues if you had messages that were too short. (Shorter than the key length? Not sure.) Is there any similar issues with signing messages with bitcoin? If I ask someone to sign a single word for instance, just 4-10 characters long, is that any sort of a security issue?
Thanks.
I still dont understand how to encrypt text.. Bitcoin doesn't do any encryption of text, but it can sign text to prove you own the public key. Since it's the same underlying science as normal public key encryption I wanted to be sure signing short messages didn't open any sort of attack on the private key. You can encrypt text with bitcoin private keys But you cant encrypt with public key and decrypt with private key, right..? |
|
|
|
jackjack
Legendary
Offline
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
|
|
June 12, 2013, 09:09:08 PM |
|
I don't know much about encryption but I recall some older forms had security issues if you had messages that were too short. (Shorter than the key length? Not sure.) Is there any similar issues with signing messages with bitcoin? If I ask someone to sign a single word for instance, just 4-10 characters long, is that any sort of a security issue?
Thanks.
I still dont understand how to encrypt text.. Bitcoin doesn't do any encryption of text, but it can sign text to prove you own the public key. Since it's the same underlying science as normal public key encryption I wanted to be sure signing short messages didn't open any sort of attack on the private key. You can encrypt text with bitcoin private keys But you cant encrypt with public key and decrypt with private key, right..? No, you can (that's what I meant, sorry for being unclear) For now, the clients themselves don't do that but it is possible as I made an implementation |
Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2 Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc. |
|
|
Boussac
Legendary
Offline
Activity: 1221
Merit: 1025
e-ducat.fr
|
|
June 13, 2013, 01:29:18 PM |
|
I don't know much about encryption but I recall some older forms had security issues if you had messages that were too short. (Shorter than the key length? Not sure.) Is there any similar issues with signing messages with bitcoin? If I ask someone to sign a single word for instance, just 4-10 characters long, is that any sort of a security issue?
Thanks.
I still dont understand how to encrypt text.. Bitcoin doesn't do any encryption of text, but it can sign text to prove you own the public key. Since it's the same underlying science as normal public key encryption I wanted to be sure signing short messages didn't open any sort of attack on the private key. You can encrypt text with bitcoin private keys But you cant encrypt with public key and decrypt with private key, right..? No, you can (that's what I meant, sorry for being unclear) For now, the clients themselves don't do that but it is possible as I made an implementation Are you referring to an implementation of ECIES encryption ? |
|
|
|
jackjack
Legendary
Offline
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
|
|
June 13, 2013, 05:52:40 PM |
|
I don't know much about encryption but I recall some older forms had security issues if you had messages that were too short. (Shorter than the key length? Not sure.) Is there any similar issues with signing messages with bitcoin? If I ask someone to sign a single word for instance, just 4-10 characters long, is that any sort of a security issue?
Thanks.
I still dont understand how to encrypt text.. Bitcoin doesn't do any encryption of text, but it can sign text to prove you own the public key. Since it's the same underlying science as normal public key encryption I wanted to be sure signing short messages didn't open any sort of attack on the private key. You can encrypt text with bitcoin private keys But you cant encrypt with public key and decrypt with private key, right..? No, you can (that's what I meant, sorry for being unclear) For now, the clients themselves don't do that but it is possible as I made an implementation Are you referring to an implementation of ECIES encryption ? No, somebody pointed me to ECIES when I released my software but I never had the time to look at it. I'm not even sure anyone used it with Bitcoin BTW I'm using secret sharing |
Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2 Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc. |
|
|
|
