I just added Shamir's trick to the LTC library. Gets ~1.34x to ~1.4x
faster signature verifications than before with a simple 16 element
table of points.

Some numbers

---NOW---
ECC-112 verify_hash took 807645 cycles (1.34x faster)
ECC-128 verify_hash took 969613 cycles (1.40x faster)
ECC-160 verify_hash took 1391150 cycles
ECC-192 verify_hash...

I just added Shamir's trick to the LTC library. Gets ~1.34x to ~1.4x
faster signature verifications than before with a simple 16 element
table of points.

Some numbers

---NOW---
ECC-112 verify_hash took 807645 cycles (1.34x faster)
ECC-128 verify_hash took 969613 cycles (1.40x faster)
ECC-160 verify_hash took 1391150 cycles
ECC-192 verify_hash...

I just added Shamir's trick to the LTC library. Gets ~1.34x to ~1.4x
faster signature verifications than before with a simple 16 element
table of points.

Some numbers

---NOW---
ECC-112 verify_hash took 807645 cycles (1.34x faster)
ECC-128 verify_hash took 969613 cycles (1.40x faster)
ECC-160 verify_hash took 1391150 cycles
ECC-192 verify_hash...

Hi,

This web utility is designed for validate electronic signatures in
PKCS7 or CMS format (Binary and Base 64). It ONLY validates the
mathematical exactness of the signature and performs an inspection
showing the internal signature composition. IMPORTANT : For now it
doesn't validate attached signatures, neither download CRL to validate
the signning certificate status, nor validates the certification
authority root certificate (but it allows to download the signing
certificates to validate them throw other ways). Feel free using it.

http://www.signaturevalidator.com

mrella

David Eather wrote:

This isn't standard DH any more. You are essentially trying to invent
your own key exchange protocol. That's a risky exercise, because such
protocols are susceptible to subtle flaws that can be hard to spot.

The answer, by the way, is that I don't think it is necessarily secure.
For instance, if Mallory uses 0 as her DH exponential with both parties,
then the DH key they compute will be 0 on both sides, and the attack
will succeed. But even if you fix it so that I can't immediately find
an attack, I would still have some reluctance to use a new key-exchange
protocol without some hefty analysis to back up its security.

Marcus Streets wrote:

Depends on the platform. If this is for a server of some sort you can
get 3500/sec [RSA-1024 private] with a dual-core AMD64 @2.2Ghz for
~200$ USD. It scales nicely to the faster dual cores, and even on the
Core 2 Duos which can run as high as 3.5GHz or so.

If this is for some embedded "runs off a cell battery" device, I assure
you the nCipher design that "can get 2000/sec" is most likely not
applicable.

Tom

"Paul Vigay" invalid-domain.co.uk> wrote in message
news:4e8edce111invalid-email-address@invalid-domain.co.uk...

You would be correct, which is of course why the press release is
complaining about it, not promoting it.