Diffie-Hellman Key Agreement Primitives - Validated #180
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- UIntBig implements unsigned arbitrary-precision integer modular exponentiation (ModPow)
- ModPow is core function for anonymous Diffie-Hellman key agreement
- Function computes (b ^ e) % m where b=base, e=exponent, m=modulo
- Pure Java implementation without relying on Java BigInteger, native code, or 3rd party libraries
- Developed for 32-bit architecture for cross-platform code and data compatibility with older and limited capability devices
- Designed and implemented from ground up using bespoke algorithms optimised for unsigned multiplication, subtraction, modulo (without quotient), bit shifting, and comparison, using only primitive operators that are common across all target platforms
- Validated against Java BigInteger for unsigned integers up to maximum long value
- Performance tests showed this software implementation is slower than native hardware but acceptable for intended purpose
- Tested using 2048-bit exponent and modulo values
- Software : 3000-4000ns/call
- Hardware : 400-1500ns/call
- Investigation into existing libraries showed the following issues which resulted in new Herald specific implementation
- 32-bit vs 64-bit : All cross-platform libraries are 64-bit only and rely on native code (usually OpenSSL)
- License : Most libraries are MIT license
- Abstraction : The most promising cross-platform libraries (e.g. Themis) implements additional functions (e.g. Secure Session) over Diffie-Hellman which adds complexity that are not required in Herald
- Compatibility : Native functions and data formats on iOS and Android for key agreement are not compatible
- Efficiency : Java BigInteger is immutable, thus using significant memory that is not desirable for wearables; Pure Swift libraries (e.g. Swift BigInt) are unacceptably slow (10+ minutes/call for 2048-bit ModPow test); new implementation has been optimised for ModPow function
Signed-off-by: c19x <support@c19x.org>
- Validated with iOS implementation for data format and function compatibility Signed-off-by: c19x <support@c19x.org>
- Optional code to test DH on phone hardware on SensorArray start Signed-off-by: c19x <support@c19x.org>
|
Resubmitting after #190 is approved |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Diffie-Hellman primitives - Validated
Signed-off-by: c19x support@c19x.org
closes #173