[openssl-users] Testing OpenSSL based solution

Nico Williams nico at cryptonector.com
Tue May 12 20:00:32 UTC 2015


On Tue, May 12, 2015 at 06:10:39PM +0000, Salz, Rich wrote:
> You can't easily have test vectors for DSA signatures since they
> include a random.  Any test vector would have to include the random,
> and any API would have to be able to accept the random as part of the
> "sign" API.  Verification should be okay.

It'd be nice to have derandomized *DSA forms for OpenSSL.

CFRG is on the case, thankfully, so eventually there should be a
derandomized ECC signature scheme in OpenSSL.  (Assuming the consensus
ends up being in favor of having a deterministic, state-less signature
scheme.)

Nico
-- 


More information about the openssl-users mailing list