<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-family: 'Times New Roman', sans-serif; ">
<span id="OLK_SRC_BODY_SECTION">
<div>
<div>On 6/30/15 1:26 PM, "Burleigh, Scott C (312B)" <<a href="mailto:scott.c.burleigh@jpl.nasa.gov">scott.c.burleigh@jpl.nasa.gov</a>> wrote:</div>
</div>
<div><br>
</div>
<blockquote id="MAC_OUTLOOK_ATTRIBUTION_BLOCKQUOTE" style="BORDER-LEFT: #b5c4df 5 solid; PADDING:0 0 0 5; MARGIN:0 0 0 5;">
<div xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
p
{mso-style-priority:99;
margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size: 11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); ">I agree, Jeremy, it’s terrific that you could do this so quickly. And I agree that the overheads are not bad, but to my mind they are still a little
troubling. I can imagine an SBSP Block Integrity Block ciphersuite that would use a one-time, randomly generated SHA256 key to generate a SHA256 digest over the payload (shipped in the BIB’s results field); would include that key in the BIB’s ciphersuite
parameters; and would also provide an elliptic-curve digital signature for that key (computed using the sender’s private key, to be verified using the sender’s pre-placed public key) as an additional ciphersuite parameter. I think that would come to 256 bits
for the SHA256 digest plus 256 bits for the SHA256 key, plus 320 bits for the ECDS, for a total of 832 bits = 104 bytes. Even allowing for a little additional BIB structural overhead, this is still less than a sixth of the overhead measured for the CMS signing
option.</span></p>
</div>
</div>
</div>
</blockquote>
</span>
<div><br>
</div>
<div>Scott,</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>CMS would allow you to use ECDSA for signatures in lieu of RSA if you wanted to reduce the overhead seen in these examples.</div>
<div><br>
</div>
<div>
<div>
<div>
<div style="font-family: Helvetica; font-size: medium; ">
<div>--</div>
<div>Dennis Iannicca</div>
<div>NASA Glenn Research Center</div>
<div>21000 Brookpark Road, MS 54-1</div>
<div>Cleveland, OH 44135</div>
<div>216-433-6493</div>
</div>
</div>
</div>
</div>
</body>
</html>