Comments (12)
thaidn
commented on August 20, 2024
Hi iainmcgin@,
Yes it's a known bug in the code. That's why it's annotated with @Alpha. We don't recommend using it for production.
We're working hard on 1.1.0 release, but Ed25519 might not make the cut because we're still worried about that code (it was written by a contributor).
Do you absolutely need it or can you switch to ECDSA? If you really need it, we'll spend more time working on it and that might delay the 1.1.0 release 1-2 weeks -- it's fine for us, because we have no pressure to release it now.
from tink.
thaidn
commented on August 20, 2024
Without Ed25519, 1.1.0 will be out in a couple of days. With Ed25519, it won't be later than 4/15/2018.
from tink.
iainmcgin
commented on August 20, 2024
We don't desperately need it, I just picked that scheme as it is intended to be more performant than ECDSA, according to Bernstein's paper, though I haven't actually tried benchmarking the Tink implementation to see if that is the case.
So anyway, don't rush on my account. If there are any low-hanging fruit changes needed that you'd like help with, let me know.
P.S: Hello from the outside, I left the Google Identity team a couple of months ago.
from tink.
ise-crypto
commented on August 20, 2024
Thanks Iain. We implemented it in pure Java, so it might not give you a better performance comparing to JCE ECDSA which I believe is a wrapper of native code. I'd love to see the numbers if you happen to benchmark it though.
Cheers!
from tink.
iainmcgin
commented on August 20, 2024
Oh, one last thing: I didn't realize the Ed25519 implementation was alpha, and I think a potential point of confusion there is that Ed25519 is included from the default Tink config registration. Maybe if it's not considered safe to use, it shouldn't be in the default config and users of the library should have to explicitly roll their own config to include it?
from tink.
thaidn
commented on August 20, 2024
Yeah it's a mistake.
We're making it safe now. Stay tuned!
…On Wed, Mar 28, 2018 at 4:45 PM, Iain McGinniss ***@***.***> wrote:
Oh, one last thing: I didn't realize the Ed25519 implementation was alpha,
and I think a potential point of confusion there is that Ed25519 is
included from the default Tink config registration. Maybe if it's not
considered safe to use, it shouldn't be in the default config and users of
the library should have to explicitly roll their own config to include it?
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#86 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AAAdbG35Hp3pWSlE-XV1zyaxCBdW2TVQks5tjCCWgaJpZM4S9rQb>
.
from tink.
iainmcgin
commented on August 20, 2024
@ise-crypto I wrote a simple micro-benchmark to measure performance of signing operations for Ed25519 and ECDSA. You can see the code and results here: https://github.com/wework/tink-signature-benchmark
tl;dr: The Ed25519 implementation in Tink is almost 10x faster than the OpenJDK provided implementation of ECSDA with the P-256 curve.
from tink.
thaidn
commented on August 20, 2024
Thanks Iain. It's astonishing that Ed25519 is 10x faster than ECDSA. We've
decided to include it in 1.1.0 and are making a few final changes. It
should be ready by the end of this week.
BTW we'd love to include your benchmarking code in Tink. Is it possible to
convert it to Java?
…On Tue, Apr 3, 2018 at 2:19 PM, Iain McGinniss ***@***.***> wrote:
@ise-crypto <https://github.com/ise-crypto> I wrote a simple
micro-benchmark to measure performance of signing operations for Ed25519
and ECDSA. You can see the code and results here:
https://github.com/wework/tink-signature-benchmark
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#86 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AAAdbFxt5LLaa2SxR5cCBlCYRTe9zV1pks5tk-ddgaJpZM4S9rQb>
.
from tink.
iainmcgin
commented on August 20, 2024
Sure, the Kotlin code isn't that fancy and should be straightforward to translate. Want me to send you a PR?
from tink.
thaidn
commented on August 20, 2024
Yes, please. Thanks so much Iain!
…On Tue, Apr 3, 2018 at 2:34 PM, Iain McGinniss ***@***.***> wrote:
Sure, the Kotlin code isn't that fancy and should be straightforward to
translate. Want me to send you a PR?
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#86 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AAAdbGzztyTsG85qJWdcpZEe_0Ou8NXqks5tk-rZgaJpZM4S9rQb>
.
from tink.
thaidn
commented on August 20, 2024
Hey Iain, just want to make sure you see this. We released 1.2.0 with Ed25519.
from tink.
iainmcgin
commented on August 20, 2024
I spotted that, thanks! I'm still working with my employer to get the Google Corporate CLA signed so that I can send you a PR for the benchmarking code; hopefully that will be resolved soon.
from tink.
Related Issues (20)
- tink cannot be installed on arm64 linux HOT 9
- Cannot install it with googleapis-common-protos and other related libs in python HOT 7
- Envelope AEAD Performance with GCP KMS HOT 1
- java tink library is not scaling with java threads HOT 1
- Tink installation on bazel and pip3 fail HOT 4
- Missing classes dectected while running R8 HOT 11
- Is Tink for Objective-C buildable via Bazel? HOT 9
- Recommendation on the best approach for rotation HOT 1
- tink 1.7.0 depends on protobuf 3.20.1 which has a security vulnerability patched in a newer version HOT 4
- Windows OS Support HOT 4
- Cannot download tinkey - The project to be billed is associated with a closed billing account. HOT 2
- cannot verify signature HOT 3
- java.security.GeneralSecurityException: cannot verify signature HOT 1
- No manager for type 'type.googleapis.com/google.crypto.tink.HpkePrivateKey' has been registered HOT 2
- H HOT 1
- compile tink cpp library for ios HOT 4
- OSS-Fuzz issue 66058 HOT 1
- Intent to archive https://github.com/google/tink
- Duplicate class found in modules jetified-tink-1.8.0 and jetified-tink-android-1.8.0 HOT 1
- Add PRF Documentation to website HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tink.