[viff-devel] Speed of ElGamal encryption

Janus Dam Nielsen jdn at brics.dk
Mon Sep 22 00:27:21 PDT 2008 

160 bit

--
Janus


Den 21/09/2008 kl. 17.02 skrev Claudio Orlandi:

> Could everyone specify the size of the field and the size of the
> secret keys used?
> Otherwise it's quite hard to understand the performance reported.
>
> Regards,
> Claudio
>
> On Sun, Sep 21, 2008 at 4:59 PM, Adam Langley  
> <agl at imperialviolet.org> wrote:
>> On Sun, Sep 21, 2008 at 3:23 AM, Martin Geisler <mg at daimi.au.dk>  
>> wrote:
>>> Calling a ElGamal function in NaCl would be very cool and  
>>> probably a bit
>>> faster since you wont have to do all the tuple packing and unpacking
>>> that you do in the Python version.
>>
>> NaCl has support for a primitive called a 'box'. The boxing function
>> takes these inputs:
>>  * The message
>>  * An nonce
>>  * The recipient's public key
>>  * The sender's private key
>>
>> Note that requiring the sender's private key makes this different  
>> from
>> most public key encryption functions. The unboxing function,
>> symmetrically, requires the sender's public key. (This boxing  
>> function
>> may be viewed as a encrypt+sign operation.)
>>
>> If this fits your model, then NaCl already contains everything you
>> need. In this case, the underlying primitive is not ElGamel, but
>> Diffie-Hellman. The two keys are combined with ECDH and the nonce
>> (which both sides must know, but need not be secret) diversifies the
>> long-term shared key into a per-message key.
>>
>> Based on timings for the x86-64 ECDH implementation, which I wrote,
>> 4*10^6 operations should take about 880 seconds for a short message.
>>
>>
>> AGL
>>
>> --
>> Adam Langley agl at imperialviolet.org http://www.imperialviolet.org
>> _______________________________________________
>> viff-devel mailing list (http://viff.dk/)
>> viff-devel at viff.dk
>> http://lists.viff.dk/listinfo.cgi/viff-devel-viff.dk
>>
>
>
>
> -- 
> Claudio Orlandi
>
> PhD student,
> Department of Computer Science, Turing-223
> Aarhus Universitet, Denmark
> http://www.daimi.au.dk/~orlandi
> _______________________________________________
> viff-devel mailing list (http://viff.dk/)
> viff-devel at viff.dk
> http://lists.viff.dk/listinfo.cgi/viff-devel-viff.dk

More information about the viff-devel mailing list