Re: RSA/DSA Public Keys and Payments

On 03/22/2013 10:31 AM, Manu Sporny wrote:
> Short answer: Yes, PaySwarm and Web Keys can support ECDSA (and can 
> support any future PEM-based format without requiring a change to the 
> Web Keys or PaySwarm specs). Note: There are a number of active 
> patents around ECDSA, which is why we steered clear of it. -- manu 

I don't know that this is strictly true. There may be a small change 
required to support ECDSA keys. The reason for that is that I don't 
believe ECDSA supports encryption (it is a digital signature algorithm 
only, just like DSA, AFAIR). Asymmetric elliptic curve cryptography 
requires the use of something like ECIES 
(http://en.wikipedia.org/wiki/Integrated_Encryption_Scheme) which 
appears to use Elliptic Curve parameters that are different from the 
signature algorithm.

The PaySwarm protocol is currently simplified by reusing public keys for 
encryption and verification (Note: only transient messages are encrypted 
in the protocol, so no key escrow is necessary). For example, when a 
PaySwarm Authority processes a listing for a buyer, it verifies the 
signature using the public key that signed the listing, then it encrypts 
the receipt for the related purchase using the same public key so that 
it can be transmitted securely to the vendor (even over an otherwise 
clear channel, as only the vendor can decrypt it). My guess is that, in 
order to support ECDSA (or similar) keys, we'd have to introduce another 
parameter to indicate the key that should be used to perform encryption 
in these cases. It's fairly trivial to add this to the protocol (as just 
a different parameter for another signature/encryption scheme), however, 
it is currently unnecessary with RSA.

-- 
Dave Longley
CTO
Digital Bazaar, Inc.
http://digitalbazaar.com

Received on Friday, 22 March 2013 18:22:10 UTC