Re: Support for ECDSA & ed25519 digital signatures in pgcrypto?
| От | Bruce Momjian |
|---|---|
| Тема | Re: Support for ECDSA & ed25519 digital signatures in pgcrypto? |
| Дата | |
| Msg-id | 20180301024344.GA28442@momjian.us обсуждение исходный текст |
| Ответ на | Support for ECDSA & ed25519 digital signatures in pgcrypto? (Nilesh Trivedi <nilesh.tr@gmail.com>) |
| Список | pgsql-hackers |
On Sun, Feb 4, 2018 at 04:38:24PM +0530, Nilesh Trivedi wrote: > I recently had to build ed25519 digital signature validation in PostgreSQL. > Since pgcrypto doesn't > support these methods, I had to look into PL/Python and PL/v8 based > implementations. The > experience turned out to be very poor (documented here: https://gist.github.com > /nileshtrivedi > /7cd622d4d521986593bff81bfa1e5893 > > I think OpenSSL already supports these encryption methods and it would be great > to have them > supported within pgcrypto - especially with the advent of distributed systems > like IPFS, public > blockchains like BitCoin, Ethereum. Elliptic curve cryptography has some major > advantages over > RSA: for both security and usability. Some are listed here: https:// > ed25519.cr.yp.to/ > > Is somebody working on this? I'm not a C programmer but if needed, I can look > into implementing > this. I agree there is going to be a lot more focus on ECDSA because elliptic curve cryptography is much more efficient for large key sizes, see: https://momjian.us/main/writings/pgsql/tls.pdf#page=17 and RSA can't support elliptic curve. Chrome accessing mail.google.com is already using ECDSA: https://momjian.us/main/writings/pgsql/tls.pdf#page=16 -- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + As you are, so once was I. As I am, so you will be. + + Ancient Roman grave inscription +
В списке pgsql-hackers по дате отправления: