Re: [viff-devel] Paillier based two player runtime
Claudio Orlandi [EMAIL PROTECTED] writes:

>>> Converting this simple protocol to the active case is harder than expected, and I'm working on it right now.
>>
>> Great, I'm looking forward to it! :-)
>
> Well, if you have a lot of spare time you can start some preprocessing :)

Well, what are weekends but lots of spare time?

> In particular, I guess that the active protocol will almost surely need some commitment schemes. And to make them as efficient as we can, we will probably use some elliptic curves over Zp with p around 160 bits.

Cool -- that sounds like a good opportunity to finally sit down and create a slow-but-simple elliptic curve library for VIFF.

As far as I remember the NaCl people did not only do network stuff, right? So some Python code would provide a kind of specification for them to program against when they get started in the CACE project...

> Isn't it cool that 160 bits is at the same time the size we need for security AND to avoid the overflows in the computation? :)

It certainly is! :-)

--
Martin Geisler

___
viff-devel mailing list (http://viff.dk/)
viff-devel@viff.dk
http://lists.viff.dk/listinfo.cgi/viff-devel-viff.dk
Re: [viff-devel] Paillier based two player runtime
> Cool -- that sounds like a good opportunity to finally sit down and create a slow-but-simple elliptic curve library for VIFF.

I suggest you use some library instead. Some of the algorithms are quite involved...

I'm sure you can find good C/C++ stuff out there, and as far as I understood, you can embed them into Python, right?

There is a list here http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography but I have no clue about what is good and what is not.

Claudio
Re: [viff-devel] Paillier based two player runtime
Quoting Claudio Orlandi [EMAIL PROTECTED]:

>> Cool -- that sounds like a good opportunity to finally sit down and create a slow-but-simple elliptic curve library for VIFF.
>
> I suggest you use some library instead. Some of the algorithms are quite involved...
>
> I'm sure you can find good C/C++ stuff out there, and as far as I understood, you can embed them into Python, right?
>
> There is a list here http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography but I have no clue about what is good and what is not.

A good person to ask is Michael (Østergaard, email [EMAIL PROTECTED]) I think he worked with some of these libraries..

regards, Ivan
Re: [viff-devel] Paillier based two player runtime
Ivan Bjerre Damgaard [EMAIL PROTECTED] writes:

> Quoting Claudio Orlandi [EMAIL PROTECTED]:
>
>>> Cool -- that sounds like a good opportunity to finally sit down and create a slow-but-simple elliptic curve library for VIFF.
>>
>> I suggest you use some library instead. Some of the algorithms are quite involved...

From reading the Wikipedia page linked below it seems very simple to implement. But if it should be fast, then a library is of course much better than a home-grown Python version.

>> I'm sure you can find good C/C++ stuff out there, and as far as I understood, you can embed them into Python, right?

Yes, one can do that. But then people would need to install the library on their machine to use VIFF. If the library provided binaries for Windows then it's no problem, but for a smaller library there might not be much Windows support.

>> There is a list here http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography but I have no clue about what is good and what is not.

I also found it, but I also don't have any experience with these libraries.

> A good person to ask is Michael (Østergaard, email [EMAIL PROTECTED]) I think he worked with some of these libraries..

Cool -- I see that Claudio has sent him an email already!

--
Martin Geisler
Re: [viff-devel] [PATCH 0 of 4] Insecure ElGamal based two player runtime
Ivan Bjerre Damgaard [EMAIL PROTECTED] writes:

> Isn't a mail list for patches a strange place to put something like this El Gamal protocol you just mailed about? If you had not by chance sent this to more people, you might not have received Claudio's useful comment.

You're right, I'm pretty sure Claudio would never have known about the ElGamal or the Paillier runtimes otherwise...

> Maybe there should be a protocol development mail list?

I think of this list as the general development list and so also the protocol development list.

I got the idea for a separate more code-heavy list since I believe many people won't bother reading code posted here anyway. And I also got the impression that people would hold back with sending in patches since they did not want to disturb the others reading this list.

But maybe it's a bad idea to split the attention like that... people interested in VIFF will now sort of have to be part of both lists to be updated with everything that is going on in VIFF.

What do people think about this?

--
Martin Geisler
[viff-devel] Elliptic curves
> From reading the Wikipedia page linked below it seems very simple to implement. But if it should be fast, then a library is of course much better than a home-grown Python version.

It's also about security. I would like an implementation that deals, at least, with the most common side-channel attacks. Other issues are which curve you use, which kind of point representation, ...

> Yes, one can do that. But then people would need to install the library on their machine to use VIFF. If the library provided binaries for Windows then it's no problem, but for a smaller library there might not be much Windows support.

So Michael used mostly pairing-friendly curves, which is really what we don't want here. Anyway, he suggested having a look at the MIRACL library. The problem with this one is that it is not open source; it's free only if you use it for fun...
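
The trade-off debated in this thread, shown as an added example that is not code from VIFF or from any of the posters: a "slow-but-simple" affine-coordinate curve in Python, with textbook double-and-add next to a Montgomery ladder, counting group operations as a stand-in for timing. The toy curve over F_17 and all function names are assumptions made for illustration.

```python
# Toy curve y^2 = x^3 + 2x + 2 over F_17, constructed for illustration;
# the thread talks about primes of around 160 bits.
P, A = 17, 2
G = (5, 1)      # generator; the group has prime order 19
ORDER = 19
INF = None      # point at infinity (the group identity)

def inv(x):
    return pow(x % P, P - 2, P)   # Fermat inverse, valid because P is prime

def add(p1, p2):
    """Affine group law, covering identity, inverse and doubling cases."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * inv(2 * y1) % P
    else:
        lam = (y2 - y1) * inv(x2 - x1) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def double_and_add(k, pt):
    """Textbook method: an extra add per 1-bit, so the work depends on k."""
    acc, ops = INF, 0
    for bit in bin(k)[2:]:
        acc, ops = add(acc, acc), ops + 1
        if bit == "1":
            acc, ops = add(acc, pt), ops + 1
    return acc, ops

def ladder(k, pt, bits=ORDER.bit_length()):
    """Montgomery ladder: one add and one double per bit, whatever k is."""
    r0, r1, ops = INF, pt, 0
    for i in reversed(range(bits)):
        if (k >> i) & 1:
            r0, r1 = add(r0, r1), add(r1, r1)
        else:
            r0, r1 = add(r0, r0), add(r0, r1)
        ops += 2
    return r0, ops

if __name__ == "__main__":
    for k in (15, 16, 17):
        print(k, double_and_add(k, G), ladder(k, G))
```

The ladder only fixes the sequence of group operations; Python's branches and variable-time big-integer arithmetic still leak, which is one reason a vetted native library is the safer choice for real keys.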