Signature Issue

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Signature Issue

Smith, Bill (Tridium)
We have a scenario where we need customers in the field to be able to enter
some sort of key or token to enable/reset functionality of their device. Our
plan was to embed a public key in the OS image. When the customer needs to
reset, they call support and provide a system token generated on the device.
Customer support would then generate the reset token by signing their token
with the corresponding private key.

So, in playing a bit, I looked at SHA256withRSA and found the signature
(with a 2048 bit RSA key) was 256 bytes. Converting that to something that a
human can type resulted in a BIG token. After that, I played with
SHA256withECDSA and was able to get a signature (160 bit key) down to 48
bytes. That's still a pretty large token to have to type.

Given that we 1) need this functionality (business decision, etc.) and 2) we
don't want to embed a symmetric key in the OS image, does anybody have
thoughts on how to do this in a way that shortens the signature? I'm not as
worried about collisions or brute force since I can limit attempts, etc. and
to get in to this state physical access to the device is required.

Regards

Bill

smime.p7s (7K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

RE: Signature Issue

Pitonyak, Andrew D
I have seen a few solutions to this, and here are some of them depending on connectivity and such:

1. Automated server where the program connects and it is mostly automated, but it depends on connectivity and your ability to stand-up a public facing server and the clients ability to hit that server.
2. So you email them the string and they simply cut and paste, no big deal

OK, so you need something small. Does this key need to just "get them through", or be good until they can get back out of the field?

For RSA, the signature size is dependent on the key size, so, you can have a "temporary" key only good for <insert time frame here, one week, one month, etc.>.

How large is the initial "license" that allows the application to work? Is it large and installed from a disk or something?

Do you really need to use RSA?


Read this: http://stackoverflow.com/questions/599837/how-to-generate-and-validate-a-software-license-key

They suggest using a different signing method with shorter outcomes such as ECC or Schnorr.

Many other useful suggestions, just figure out which one works for you

https://github.com/garethrbrown/.net-licence-key-generator 


-----Original Message-----
From: Smith, Bill (Tridium) [mailto:[hidden email]]
Sent: Thursday, January 19, 2017 10:02 AM
To: [hidden email]
Subject: [dev-crypto] Signature Issue

We have a scenario where we need customers in the field to be able to enter
some sort of key or token to enable/reset functionality of their device. Our
plan was to embed a public key in the OS image. When the customer needs to
reset, they call support and provide a system token generated on the device.
Customer support would then generate the reset token by signing their token
with the corresponding private key.

So, in playing a bit, I looked at SHA256withRSA and found the signature
(with a 2048 bit RSA key) was 256 bytes. Converting that to something that a
human can type resulted in a BIG token. After that, I played with
SHA256withECDSA and was able to get a signature (160 bit key) down to 48
bytes. That's still a pretty large token to have to type.

Given that we 1) need this functionality (business decision, etc.) and 2) we
don't want to embed a symmetric key in the OS image, does anybody have
thoughts on how to do this in a way that shortens the signature? I'm not as
worried about collisions or brute force since I can limit attempts, etc. and
to get in to this state physical access to the device is required.

Regards

Bill