Board: Announcements (Altcoins)
Topic: Re: NXT :: descendant of Bitcoin - Updated Information
Posted by ChuckOne on 09/02/2014, 14:42:42 UTC
Also, could you look at this message, not sure if you've seen it:
https://bitcointalk.org/index.php?topic=345619.msg5002245#msg5002245
I don't understand this code so I cannot change it. It is up to CfB and BCNext to decide if and when this should be fixed.

Only a crypto audit will tell if it's a bug or not. Right now there is another way to fix unverifiable signatures in Crypto.sign(). We can't use BloodyRookie's fix without a formal proof that this won't break Curve25519 security. Actually, if the fix gets rid of unverifiable signatures completely then we shouldn't use it. It's a normal situation that sometimes we have to recompute signatures generated with EC-KCDSA.

It is a bug. Did you even read my post completely? You need only basic knowledge in algebra to understand it.
The EC-KCDSA signature algorithm can sometimes fail; that's why sign() returns a boolean value. But that happens very rarely and simply means v = (x - h) * s = 0 mod q.
Maybe you should ask Doctor Evil ;)

I've made repo with test:
https://github.com/gimer/curve25519-sign-test

Code:
nxtcurve\bin> java nxtcurve.TestCurve
      original failed: 132 / 1000
BloodyRookie's failed: 0 / 1000
      original failed: 121 / 1000
BloodyRookie's failed: 0 / 1000
      original failed: 137 / 1000
BloodyRookie's failed: 0 / 1000
      original failed: 133 / 1000
BloodyRookie's failed: 0 / 1000
...

I've also added class files to the repo, so it's enough to replace "nxt-0.7.2\webapps\root\WEB-INF\classes\nxt\crypto\Curve25519.class" with file from the repo and it should work.

Ah, now, we need a code audit on your code. ;)

Waoh, made the mistake and had a look at:
https://github.com/gimer/curve25519-sign-test/blob/master/src/nxt/crypto/Curve25519.java
My eyes are bleeding as does my computer science heart.

Mathematicians, physicists and cryptographists should NOT write code. Please! Pleeeease! :'(

You want us to audit, but reading this is like reading a best-seller that has had grammar errors and typos injected into each and every sentence. So, how do you find the errors in content if you can barely tell them apart from the former ones?

I really get the impression that programmed cryptography is not so difficult in the end; except when people having no idea how to write it down write it down. >:(

Sorry for being emotional.
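Added example (not code from the NXT repository or the linked test repo): a plain-integer model of the scalar step the thread argues about, v = (x - h) * s mod q, with the identity a verifier relies on and a random trial showing how rarely a correct implementation can legitimately return false. Curve point operations are left out, and the function names and the uniform random inputs are assumptions made here.

```python
import secrets

# Order q of the Curve25519 prime-order subgroup (the ORDER the Java code reduces against).
Q = 2**252 + 27742317777372353535851937790883648493


def sign_scalar(x: int, h: int, s: int) -> tuple[bool, int]:
    """Scalar step of EC-KCDSA signing: v = (x - h) * s mod q.

    Mirrors the sign() contract from the post: returns (ok, v), ok being False
    only when v == 0, the one case the signer must retry with a fresh x.
    Python's % maps a negative (x - h) back into [0, q); a fixed-width
    byte-array implementation has to do that reduction explicitly.
    """
    v = ((x - h) % Q) * s % Q
    return v != 0, v


def derive_signing_key(k: int) -> int:
    """Signing key s = k^-1 mod q for private scalar k (keygen step)."""
    return pow(k, -1, Q)


def verify_scalar(v: int, h: int, k: int, x: int) -> bool:
    """Scalar shadow of the verifier's Y = v*P + h*G check.

    With P = k*G and s = k^-1, the verifier gets (v*k + h)*G, which must equal
    x*G, so on scalars the check is v*k + h == x (mod q).
    """
    return (v * k + h) % Q == x % Q


def failure_rate(trials: int, rng=secrets.randbelow) -> int:
    """Count sign_scalar failures over random inputs (constructed, uniform in [1, q)).

    v == 0 needs x == h mod q, probability about 1/q, so a correct
    implementation returns 0 here; a rate like 132/1000 cannot be this case.
    """
    failures = 0
    for _ in range(trials):
        k = rng(Q - 1) + 1
        s = derive_signing_key(k)
        x = rng(Q - 1) + 1
        h = rng(Q - 1) + 1
        ok, v = sign_scalar(x, h, s)
        if not ok:
            failures += 1
        elif not verify_scalar(v, h, k, x):
            raise AssertionError("scalar identity broken")
    return failures
```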