Bimodal Lattice Signature Scheme (BLISS) » History » Version 36
Andreas Steffen, 04.01.2015 08:44
h1. Bimodal Lattice Signature Scheme (BLISS)

{{>toc}}

BLISS is a post-quantum signature scheme based on the CRYPTO 2013 paper "Lattice Signatures and Bimodal Gaussians":https://eprint.iacr.org/2013/383 by Léo Ducas, Alain Durmus, Tancrède Lepoint, and Vadim Lyubashevsky. Starting with the strongSwan [[5.2.2]] release we offer BLISS as an IKEv2 public key authentication method. We also added full BLISS key and certificate generation support to the strongSwan [[IpsecPki|pki]] tool.

This seamless integration into the strongSwan framework was made possible by the new libstrongswan "bliss plugin":https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/show/src/libstrongswan/plugins/bliss. The plugin is written entirely in the C programming language without the use of any external libraries and implements the libstrongswan "public_key_t":https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libstrongswan/credentials/keys/public_key.h and "private_key_t":https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libstrongswan/credentials/keys/private_key.h interfaces.

h2. Building strongSwan with BLISS Support

If you want to play around with BLISS keys and signatures using the strongSwan [[IpsecPki|pki]] tool, please follow the quick software installation HOWTO:
<pre>
wget http://download.strongswan.org/strongswan-5.2.2rc1.tar.bz2
tar xjf strongswan-5.2.2rc1.tar.bz2
cd strongswan-5.2.2rc1
./configure --prefix=/usr --sysconfdir=/etc --disable-gmp --enable-bliss
make
sudo make install
</pre>

h2. BLISS Private Key Generation

strongSwan currently supports the BLISS-I, BLISS-III, and BLISS-IV schemes with a cryptographic strength of 128 bits, 160 bits and 192 bits, respectively. Using the [[IpsecPki|pki]] tool a private BLISS key can be generated as follows:
<pre>
pki --gen --type bliss --size 1 --debug 2 > cakey1.der

mgf1 based on sha1 is seeded with 20 octets
mgf1 generated 240 octets
mgf1 based on sha1 is seeded with 20 octets
mgf1 generated 240 octets
l2 norm of s1||s2: 771, Nk(S): 47150 (46479 max)

mgf1 based on sha1 is seeded with 20 octets
mgf1 generated 220 octets
mgf1 based on sha1 is seeded with 20 octets
mgf1 generated 240 octets
l2 norm of s1||s2: 771, Nk(S): 43332 (46479 max)

secret key generation succeeded after 2 trials
</pre>
When generating the private key consisting of the two polynomials *s1* and *s2*, the limit for the _Nk(S)_ metric must not be exceeded. This means that often several trials are needed in order to obtain a valid BLISS private key. In the output above, the first trial yields an _Nk(S)_ of 47150, which exceeds the maximum of 46479 and is discarded, whereas the second trial with 43332 is accepted. With the command
<pre>
pki --print --type bliss-priv --in cakey1.der

private key with:
pubkey: BLISS 128 bits strength
keyid: d1:a3:fb:04:8d:1b:86:4f:fa:a7:d8:45:ec:e3:e3:ec:ef:7b:85:ca
subjkey: e3:fc:6b:59:9a:ee:81:d5:10:3a:58:9f:e2:99:f7:7f:5c:3b:1c:96
</pre>
information on the BLISS private key is displayed.
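
The _Nk(S)_ check described above, as an added C illustration that is not code from the strongSwan bliss plugin: it computes the metric as defined in the BLISS paper, compares it on a constructed toy secret with a brute-force maximum of ||S*c||^2, and applies the acceptance test to the values from this page's debug output. All function names are made up here, and the constants passed to @nks_max@ (C scaled by 100, the non-zero coefficient counts, kappa) and its rounding are assumptions chosen to reproduce the limits this page prints (46479 for BLISS-I, 128626 for BLISS-III).

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed toy secret in Z[x]/(x^4 + 1): s1 = 1 + x, s2 = 1. */
static const int8_t TOY_S1[4] = { 1, 1, 0, 0 };
static const int8_t TOY_S2[4] = { 1, 0, 0, 0 };

/* Coefficient k of x^j * s; wrapping past x^n flips the sign (x^n = -1). */
static int rot(const int8_t *s, int n, int j, int k)
{
    return (k >= j) ? s[k - j] : -s[k - j + n];
}

static int cmp_desc(const void *a, const void *b)
{
    int32_t x = *(const int32_t *)a, y = *(const int32_t *)b;
    return (x < y) - (x > y);
}

/* Sum of the kappa largest entries of v (sorts v in place). */
static int32_t top_kappa(int32_t *v, int n, int kappa)
{
    int32_t sum = 0;
    qsort(v, (size_t)n, sizeof(*v), cmp_desc);
    for (int i = 0; i < kappa; i++)
        sum += v[i];
    return sum;
}

/* N_kappa(S): with T = S^t * S, T[i][j] = <x^i s1, x^j s1> + <x^i s2, x^j s2>,
 * take the kappa largest entries of each row, then the kappa largest row sums.
 * Returns -1 on bad arguments or allocation failure. */
int32_t nks_norm(const int8_t *s1, const int8_t *s2, int n, int kappa)
{
    if (n <= 0 || kappa <= 0 || kappa > n)
        return -1;
    int32_t *row = malloc((size_t)n * sizeof(*row));
    int32_t *best = malloc((size_t)n * sizeof(*best));
    int32_t nks = -1;
    if (row && best) {
        for (int i = 0; i < n; i++) {
            for (int j = 0; j < n; j++) {
                int32_t t = 0;
                for (int k = 0; k < n; k++)
                    t += rot(s1, n, i, k) * rot(s1, n, j, k)
                       + rot(s2, n, i, k) * rot(s2, n, j, k);
                row[j] = t;
            }
            best[i] = top_kappa(row, n, kappa);
        }
        nks = top_kappa(best, n, kappa);
    }
    free(row);
    free(best);
    return nks;
}

/* Brute force: largest ||S*c||^2 over binary c of weight kappa (n <= 16). */
int32_t max_sc_norm2(const int8_t *s1, const int8_t *s2, int n, int kappa)
{
    int32_t best = -1;
    if (n <= 0 || n > 16)
        return -1;
    for (uint32_t c = 0; c < (1u << n); c++) {
        int weight = 0;
        int32_t norm2 = 0;
        for (int j = 0; j < n; j++)
            weight += (c >> j) & 1;
        if (weight != kappa)
            continue;
        for (int k = 0; k < n; k++) {
            int32_t a = 0, b = 0;
            for (int j = 0; j < n; j++)
                if ((c >> j) & 1) {
                    a += rot(s1, n, j, k);
                    b += rot(s2, n, j, k);
                }
            norm2 += a * a + b * b;
        }
        if (norm2 > best)
            best = norm2;
    }
    return best;
}

/* Assumed limit: smallest integer above C^2 * 5 * (nz1 + 4*nz2) * kappa,
 * with c100 = C * 100 so that the arithmetic stays in integers. */
uint32_t nks_max(unsigned c100, unsigned nz1, unsigned nz2, unsigned kappa)
{
    uint64_t bound = (uint64_t)c100 * c100 * 5 * (nz1 + 4 * nz2) * kappa;
    return (uint32_t)(bound / 10000 + 1);
}

/* A key generation trial is kept only if its N_kappa(S) is below the limit. */
int nks_accept(int32_t nks, uint32_t max)
{
    return nks >= 0 && (uint32_t)nks < max;
}

int main(void)
{
    uint32_t max1 = nks_max(162, 154, 0, 23); /* assumed BLISS-I constants */
    printf("toy: Nk(S) = %d, max ||S*c||^2 = %d\n",
           (int)nks_norm(TOY_S1, TOY_S2, 4, 2),
           (int)max_sc_norm2(TOY_S1, TOY_S2, 4, 2));
    printf("limit %u: trial 47150 %s, trial 43332 %s\n", (unsigned)max1,
           nks_accept(47150, max1) ? "kept" : "rejected",
           nks_accept(43332, max1) ? "kept" : "rejected");
    return 0;
}
```

The triple loop in @nks_norm@ is written for readability, not speed; it remains usable at the real polynomial sizes but is cubic in n.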

Let's now generate a BLISS-IV key with 192-bit cryptographic strength in base64-encoded PEM format:
<pre>
pki --gen --type bliss --size 4 --outform pem > cakey4.pem
secret key generation succeeded after 6 trials
</pre>
The PEM key format is printable:
<pre>
cat cakey4.pem

-----BEGIN BLISS PRIVATE KEY-----
-----END BLISS PRIVATE KEY-----
</pre>
Finally, let's generate a BLISS-III key with a cryptographic strength of 160 bits with the highest debug level enabled:
<pre>
pki --gen --type bliss --size 3 --debug 4 > cakey3.der

mgf1 based on sha1 is seeded with 20 octets
mgf1 generated 380 octets
mgf1 based on sha1 is seeded with 20 octets
mgf1 generated 380 octets
l2 norm of s1||s2: 1401, Nk(S): 125552 (128626 max)

secret key generation succeeded after 1 trial
538 | 3 | Andreas Steffen | 434 0 -2 7590 5554 4787 9128 |
539 | 3 | Andreas Steffen | 435 -1 -2 7109 7497 615 8655 |
540 | 3 | Andreas Steffen | 436 1 2 5984 709 9806 6063 |
541 | 3 | Andreas Steffen | 437 1 0 4451 1057 1327 2187 |
542 | 3 | Andreas Steffen | 438 0 0 6532 2071 1809 9139 |
543 | 3 | Andreas Steffen | 439 0 0 5657 1586 11166 5121 |
544 | 3 | Andreas Steffen | 440 0 0 3926 7845 1167 7773 |
545 | 3 | Andreas Steffen | 441 0 0 6347 293 1762 11582 |
546 | 3 | Andreas Steffen | 442 0 0 12239 10323 4500 6461 |
547 | 3 | Andreas Steffen | 443 1 -2 1977 3819 4233 7946 |
548 | 3 | Andreas Steffen | 444 0 0 5851 9874 3996 8822 |
549 | 3 | Andreas Steffen | 445 -1 2 3107 3834 5546 9707 |
550 | 3 | Andreas Steffen | 446 1 0 5636 11215 11094 5276 |
551 | 3 | Andreas Steffen | 447 -1 0 12270 4649 5 11911 |
552 | 3 | Andreas Steffen | 448 1 -2 6452 394 1732 3872 |
553 | 3 | Andreas Steffen | 449 -2 0 11019 764 1006 10907 |
554 | 3 | Andreas Steffen | 450 0 -4 11659 6297 4922 4827 |
555 | 3 | Andreas Steffen | 451 1 2 890 9098 11786 3678 |
556 | 3 | Andreas Steffen | 452 1 2 7670 7736 2460 10669 |
557 | 3 | Andreas Steffen | 453 0 2 2047 7505 11511 3057 |
558 | 3 | Andreas Steffen | 454 0 0 12148 5933 9508 9426 |
559 | 3 | Andreas Steffen | 455 0 0 5596 3895 2879 7412 |
560 | 3 | Andreas Steffen | 456 0 2 6504 2290 4180 9071 |
561 | 3 | Andreas Steffen | 457 1 0 8051 946 316 11380 |
562 | 3 | Andreas Steffen | 458 0 -2 2479 10389 6976 2480 |
563 | 3 | Andreas Steffen | 459 -1 0 10512 10125 6279 6329 |
564 | 3 | Andreas Steffen | 460 0 0 4709 6976 7912 6808 |
565 | 3 | Andreas Steffen | 461 0 2 6605 9934 10200 10093 |
566 | 3 | Andreas Steffen | 462 -1 0 949 7882 3698 1544 |
567 | 3 | Andreas Steffen | 463 1 -2 10292 3467 350 3293 |
568 | 3 | Andreas Steffen | 464 1 0 6448 9423 1313 2345 |
569 | 3 | Andreas Steffen | 465 0 2 692 6812 7583 6050 |
570 | 3 | Andreas Steffen | 466 1 0 3635 4184 2733 3816 |
571 | 3 | Andreas Steffen | 467 0 0 12067 5816 10128 11192 |
572 | 3 | Andreas Steffen | 468 0 0 9902 8712 11275 6813 |
573 | 3 | Andreas Steffen | 469 0 0 10938 7970 1902 7019 |
574 | 3 | Andreas Steffen | 470 1 0 9568 4228 242 5633 |
575 | 3 | Andreas Steffen | 471 0 0 2196 5792 6794 10300 |
576 | 3 | Andreas Steffen | 472 0 0 4075 157 8672 2560 |
577 | 3 | Andreas Steffen | 473 0 -4 2110 3629 9461 9122 |
578 | 3 | Andreas Steffen | 474 -2 -2 3412 4091 7245 4018 |
579 | 3 | Andreas Steffen | 475 0 0 11653 40 5765 10897 |
580 | 3 | Andreas Steffen | 476 0 0 10799 728 9056 10951 |
581 | 3 | Andreas Steffen | 477 0 0 2114 2282 3786 314 |
582 | 3 | Andreas Steffen | 478 -1 2 817 10585 8784 10553 |
583 | 3 | Andreas Steffen | 479 -1 0 3705 12125 8654 5792 |
584 | 3 | Andreas Steffen | 480 0 -4 1808 8664 196 4624 |
585 | 3 | Andreas Steffen | 481 -1 2 5841 1907 7238 7769 |
586 | 3 | Andreas Steffen | 482 0 0 8769 9263 6687 676 |
587 | 3 | Andreas Steffen | 483 0 0 3412 9123 9517 1111 |
588 | 3 | Andreas Steffen | 484 -1 0 4204 49 11892 6011 |
589 | 3 | Andreas Steffen | 485 -1 0 11196 448 3872 2642 |
590 | 3 | Andreas Steffen | 486 0 0 651 2142 3834 6611 |
591 | 3 | Andreas Steffen | 487 1 4 7208 10823 6626 12033 |
592 | 3 | Andreas Steffen | 488 0 -2 8558 10995 11169 2660 |
593 | 3 | Andreas Steffen | 489 0 0 7955 2079 1785 7697 |
594 | 3 | Andreas Steffen | 490 1 0 5565 11081 6935 1449 |
595 | 3 | Andreas Steffen | 491 0 2 11661 2880 10737 887 |
596 | 3 | Andreas Steffen | 492 -1 -2 2546 3372 1543 2424 |
597 | 3 | Andreas Steffen | 493 1 0 1667 10715 7245 11246 |
598 | 3 | Andreas Steffen | 494 0 0 93 456 1273 2563 |
599 | 3 | Andreas Steffen | 495 0 0 3205 2733 6176 7453 |
600 | 3 | Andreas Steffen | 496 1 0 12191 7834 2926 12258 |
601 | 3 | Andreas Steffen | 497 0 0 3788 5251 935 6085 |
602 | 3 | Andreas Steffen | 498 0 0 10114 12224 8954 11395 |
603 | 3 | Andreas Steffen | 499 0 -2 7464 568 5744 7972 |
604 | 3 | Andreas Steffen | 500 -1 0 1992 6344 10425 3471 |
605 | 3 | Andreas Steffen | 501 -1 0 5249 7024 675 3466 |
606 | 3 | Andreas Steffen | 502 0 2 8334 3338 1945 4805 |
607 | 3 | Andreas Steffen | 503 0 0 8566 837 6796 2416 |
608 | 3 | Andreas Steffen | 504 -1 2 1905 3844 2872 1612 |
609 | 3 | Andreas Steffen | 505 0 2 377 8680 5459 608 |
610 | 3 | Andreas Steffen | 506 0 0 1990 7692 10261 6844 |
611 | 3 | Andreas Steffen | 507 0 2 5170 9084 10608 4433 |
612 | 3 | Andreas Steffen | 508 0 0 11365 3048 11553 3451 |
613 | 3 | Andreas Steffen | 509 0 -2 12098 6095 11214 3125 |
614 | 3 | Andreas Steffen | 510 1 -2 1431 2633 10329 5488 |
615 | 3 | Andreas Steffen | 511 -1 -2 3846 4226 8410 4614 |
616 | 3 | Andreas Steffen | </pre> |
617 | 10 | Andreas Steffen | Shown are the 512 small coefficients of the private keys *f* = *s1* and *g* = 2 * *s2* + 1 as well as their Number Theoretic Transforms (NTT) *F* and *G*, respectively. The BLISS public key *A* is computed as the component-wise inverse of *F* * *G* and the reverse NTT gives *a* = 1/(*f* * *g*) mod q with the 14 bit modulus q = 12289. Sometimes *F* * *G* is not invertible, in which case the following debug message is output |
618 | 4 | Andreas Steffen | <pre> |
619 | 4 | Andreas Steffen | S1[91] is zero - s1 is not invertible |
620 | 4 | Andreas Steffen | </pre> |
621 | 4 | Andreas Steffen | and another trial run is started. |
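The invertibility test described above can be reproduced in a few lines. This is an added example, not code from the strongSwan bliss plugin: a polynomial in Z_q[x]/(x^n + 1) is invertible exactly when none of its NTT coefficients is zero, and the inverse is obtained by inverting each coefficient and transforming back. The ordering of the NTT output (index i holds the evaluation at psi^(2i+1)), the quadratic-time transform and the sample polynomials are assumptions made for this sketch.

```python
"""Added example: invertibility in Z_q[x]/(x^n + 1) checked through the NTT."""
import random

Q = 12289   # 14 bit modulus from the page
N = 512     # coefficients per key polynomial


def find_psi(n=N, q=Q):
    """Find a primitive 2n-th root of unity mod q, i.e. psi^n == -1."""
    if (q - 1) % (2 * n):
        raise ValueError("q - 1 must be divisible by 2n")
    for x in range(2, q):
        psi = pow(x, (q - 1) // (2 * n), q)
        if pow(psi, n, q) == q - 1:
            return psi
    raise ValueError("no primitive 2n-th root of unity found")


def ntt(f, psi, q=Q):
    """F[i] = f(psi^(2i+1)): evaluate f at the n roots of x^n + 1 (O(n^2))."""
    out = []
    for i in range(len(f)):
        root = pow(psi, 2 * i + 1, q)
        acc = 0
        for coeff in reversed(f):          # Horner's rule
            acc = (acc * root + coeff) % q
        out.append(acc)
    return out


def intt(F, psi, q=Q):
    """Inverse of ntt(): f[j] = n^-1 * psi^-j * sum_i F[i] * psi^(-2ij)."""
    n = len(F)
    n_inv = pow(n, q - 2, q)
    psi_inv = pow(psi, q - 2, q)
    out = []
    for j in range(n):
        w = pow(psi_inv, 2 * j, q)
        acc = 0
        for value in reversed(F):
            acc = (acc * w + value) % q
        out.append(acc * n_inv * pow(psi_inv, j, q) % q)
    return out


def invert(f, psi, q=Q):
    """Return (inverse, None), or (None, i) if NTT coefficient i is zero."""
    F = ntt(f, psi, q)
    for i, value in enumerate(F):
        if value == 0:
            return None, i
    return intt([pow(value, q - 2, q) for value in F], psi, q), None


def negacyclic_mul(a, b, q=Q):
    """Schoolbook product in Z_q[x]/(x^n + 1), used only to verify results."""
    n = len(a)
    res = [0] * n
    for i, ai in enumerate(a):
        if ai == 0:
            continue
        for j, bj in enumerate(b):
            if i + j < n:
                res[i + j] = (res[i + j] + ai * bj) % q
            else:                           # x^n == -1
                res[i + j - n] = (res[i + j - n] - ai * bj) % q
    return res


def sample_invertible(rng, psi, n=N, q=Q):
    """Draw small polynomials until one is invertible, counting the trials."""
    trials = 0
    while True:
        trials += 1
        f = [rng.choice((-1, 0, 0, 1)) for _ in range(n)]   # constructed input
        inverse, _ = invert(f, psi, q)
        if inverse is not None:
            return f, inverse, trials


def constructed_non_invertible(index, psi, n=N, q=Q):
    """Build a polynomial whose NTT is zero at exactly one chosen index."""
    F = [1] * n
    F[index] = 0
    return intt(F, psi, q)


if __name__ == "__main__":
    psi = find_psi()
    f, inverse, trials = sample_invertible(random.Random(2014), psi)
    print("invertible after", trials, "trial(s);",
          "f * f^-1 == 1:", negacyclic_mul(f, inverse) == [1] + [0] * (N - 1))
    bad = constructed_non_invertible(91, psi)
    print("zero NTT coefficient at index", invert(bad, psi)[1])
```
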
622 | 7 | Andreas Steffen | |
623 | 10 | Andreas Steffen | h2. BLISS Root CA Certificate Generation |
624 | 7 | Andreas Steffen | |
625 | 7 | Andreas Steffen | A self-signed BLISS CA certificate can be generated with the following command |
626 | 7 | Andreas Steffen | <pre> |
627 | 21 | Andreas Steffen | pki --self --type bliss --in cakey4.pem --ca --dn "C=CH, O=strongSwan Project, CN=strongSwan BLISS Root CA" --lifetime 3653 --debug 2 --outform pem > cacert4.pem |
628 | 7 | Andreas Steffen | |
629 | 7 | Andreas Steffen | file content is not binary ASN.1 |
630 | 7 | Andreas Steffen | -----BEGIN BLISS PRIVATE KEY----- |
631 | 7 | Andreas Steffen | -----END BLISS PRIVATE KEY----- |
632 | 7 | Andreas Steffen | |
633 | 7 | Andreas Steffen | L0 - BLISSPrivateKey: |
634 | 7 | Andreas Steffen | L1 - keyType: |
635 | 7 | Andreas Steffen | 'BLISS-IV' |
636 | 7 | Andreas Steffen | L1 - public: |
637 | 7 | Andreas Steffen | L1 - secret1: |
638 | 7 | Andreas Steffen | L1 - secret2: |
639 | 8 | Andreas Steffen | |
640 | 7 | Andreas Steffen | L0 - subjectPublicKeyInfo: |
641 | 7 | Andreas Steffen | L1 - algorithm: |
642 | 7 | Andreas Steffen | L2 - algorithmIdentifier: |
643 | 7 | Andreas Steffen | L3 - algorithm: |
644 | 7 | Andreas Steffen | 'blissPublicKey' |
645 | 7 | Andreas Steffen | L3 - parameters: |
646 | 7 | Andreas Steffen | L4 - blissKeyType: |
647 | 7 | Andreas Steffen | 'BLISS-IV' |
648 | 7 | Andreas Steffen | L1 - subjectPublicKey: |
649 | 7 | Andreas Steffen | |
650 | 7 | Andreas Steffen | mgf1 based on sha256 is seeded with 32 octets |
651 | 11 | Andreas Steffen | y1 = -859..738 (sigma2 = 71786, mean = -6.6) |
652 | 11 | Andreas Steffen | y2 = -852..644 (sigma2 = 65618, mean = 2.0) |
653 | 11 | Andreas Steffen | norm2(s1*c) + norm2(s2*c) = 63602, rejected |
654 | 11 | Andreas Steffen | mgf1 generated 10304 octets |
655 | 1 | Andreas Steffen | |
656 | 1 | Andreas Steffen | mgf1 based on sha256 is seeded with 32 octets |
657 | 11 | Andreas Steffen | y1 = -942..726 (sigma2 = 81503, mean = -8.6) |
658 | 11 | Andreas Steffen | y2 = -876..893 (sigma2 = 69883, mean = 2.4) |
659 | 11 | Andreas Steffen | norm2(s1*c) + norm2(s2*c) = 66020, accepted |
660 | 11 | Andreas Steffen | scalar(z1,s1*c) + scalar(z2,s2*c) = 86651, rejected |
661 | 11 | Andreas Steffen | mgf1 generated 10528 octets |
662 | 1 | Andreas Steffen | |
663 | 11 | Andreas Steffen | mgf1 based on sha256 is seeded with 32 octets |
664 | 11 | Andreas Steffen | y1 = -862..785 (sigma2 = 72628, mean = -7.1) |
665 | 11 | Andreas Steffen | y2 = -782..921 (sigma2 = 74618, mean = 4.1) |
666 | 11 | Andreas Steffen | norm2(s1*c) + norm2(s2*c) = 64940, accepted |
667 | 11 | Andreas Steffen | scalar(z1,s1*c) + scalar(z2,s2*c) = -176380, accepted |
668 | 7 | Andreas Steffen | |
669 | 11 | Andreas Steffen | z1 = -873..780, z2d = -3..4 |
670 | 11 | Andreas Steffen | |
671 | 11 | Andreas Steffen | efficiency of Huffman coder is 3.4121 bits/tuple (1747 bits) |
672 | 11 | Andreas Steffen | generated BLISS signature (6706 bits encoded in 839 bytes) |
673 | 11 | Andreas Steffen | |
674 | 11 | Andreas Steffen | signature generation needed 3 rounds |
675 | 11 | Andreas Steffen | mgf1 generated 10656 octets |
676 | 10 | Andreas Steffen | </pre> |
677 | 11 | Andreas Steffen | With a debug level of 2 you get quite a lot of debug information. Starting from the top, the automatic conversion from PEM to DER format is shown, followed by the ASN.1 encoding of the BLISS private key from which the BLISS public key is extracted. Then, in order to generate the BLISS certificate signature, two vectors *y1* and *y2* with 512 random numbers closely following a Gaussian probability distribution are generated using rejection sampling. This process usually requires several rounds and consumes a lot of random bits. The BLISS signature finally consists of the random vectors *z1* and *z2* as well as the sparse challenge vector *c*. |
678 | 10 | Andreas Steffen | |
679 | 10 | Andreas Steffen | A BLISS certificate can be displayed at any time with |
680 | 10 | Andreas Steffen | <pre> |
681 | 13 | Andreas Steffen | pki --print --debug 2 --in cacert4.pem |
682 | 10 | Andreas Steffen | |
683 | 1 | Andreas Steffen | L0 - x509: |
684 | 10 | Andreas Steffen | L1 - tbsCertificate: |
685 | 10 | Andreas Steffen | L2 - DEFAULT v1: |
686 | 10 | Andreas Steffen | L3 - version: |
687 | 10 | Andreas Steffen | X.509v3 |
688 | 10 | Andreas Steffen | L2 - serialNumber: |
689 | 10 | Andreas Steffen | L2 - signature: |
690 | 10 | Andreas Steffen | L3 - algorithmIdentifier: |
691 | 10 | Andreas Steffen | L4 - algorithm: |
692 | 10 | Andreas Steffen | 'BLISS-with-SHA512' |
693 | 10 | Andreas Steffen | L2 - issuer: |
694 | 12 | Andreas Steffen | 'C=CH, O=strongSwan Project, CN=strongSwan BLISS Root CA' |
695 | 10 | Andreas Steffen | L2 - validity: |
696 | 10 | Andreas Steffen | L3 - notBefore: |
697 | 10 | Andreas Steffen | L4 - utcTime: |
698 | 11 | Andreas Steffen | 'Dec 13 12:01:57 UTC 2014' |
699 | 10 | Andreas Steffen | L3 - notAfter: |
700 | 10 | Andreas Steffen | L4 - utcTime: |
701 | 11 | Andreas Steffen | 'Dec 13 12:01:57 UTC 2024' |
702 | 10 | Andreas Steffen | L2 - subject: |
703 | 12 | Andreas Steffen | 'C=CH, O=strongSwan Project, CN=strongSwan BLISS Root CA' |
704 | 1 | Andreas Steffen | L2 - subjectPublicKeyInfo: |
705 | 1 | Andreas Steffen | -- > -- |
706 | 1 | Andreas Steffen | L0 - subjectPublicKeyInfo: |
707 | 1 | Andreas Steffen | L1 - algorithm: |
708 | 1 | Andreas Steffen | L2 - algorithmIdentifier: |
709 | 1 | Andreas Steffen | L3 - algorithm: |
710 | 1 | Andreas Steffen | 'blissPublicKey' |
711 | 1 | Andreas Steffen | L3 - parameters: |
712 | 1 | Andreas Steffen | L0 - subjectPublicKeyInfo: |
713 | 1 | Andreas Steffen | L1 - algorithm: |
714 | 1 | Andreas Steffen | L2 - algorithmIdentifier: |
715 | 1 | Andreas Steffen | L3 - algorithm: |
716 | 1 | Andreas Steffen | 'blissPublicKey' |
717 | 1 | Andreas Steffen | L3 - parameters: |
718 | 1 | Andreas Steffen | L4 - blissKeyType: |
719 | 1 | Andreas Steffen | 'BLISS-IV' |
720 | 1 | Andreas Steffen | L1 - subjectPublicKey: |
721 | 1 | Andreas Steffen | -- < -- |
722 | 11 | Andreas Steffen | L2 - optional extensions: |
723 | 11 | Andreas Steffen | L3 - extensions: |
724 | 11 | Andreas Steffen | L4 - extension: |
725 | 11 | Andreas Steffen | L5 - extnID: |
726 | 11 | Andreas Steffen | 'basicConstraints' |
727 | 11 | Andreas Steffen | L5 - critical: |
728 | 11 | Andreas Steffen | TRUE |
729 | 11 | Andreas Steffen | L5 - extnValue: |
730 | 11 | Andreas Steffen | L6 - basicConstraints: |
731 | 11 | Andreas Steffen | L7 - CA: |
732 | 11 | Andreas Steffen | TRUE |
733 | 11 | Andreas Steffen | L4 - extension: |
734 | 11 | Andreas Steffen | L5 - extnID: |
735 | 11 | Andreas Steffen | 'keyUsage' |
736 | 11 | Andreas Steffen | L5 - critical: |
737 | 11 | Andreas Steffen | TRUE |
738 | 11 | Andreas Steffen | L5 - extnValue: |
739 | 11 | Andreas Steffen | L4 - extension: |
740 | 11 | Andreas Steffen | L5 - extnID: |
741 | 11 | Andreas Steffen | 'subjectKeyIdentifier' |
742 | 11 | Andreas Steffen | L5 - critical: |
743 | 11 | Andreas Steffen | FALSE |
744 | 11 | Andreas Steffen | L5 - extnValue: |
745 | 11 | Andreas Steffen | L6 - keyIdentifier: |
746 | 10 | Andreas Steffen | L1 - signatureAlgorithm: |
747 | 1 | Andreas Steffen | L2 - algorithmIdentifier: |
748 | 1 | Andreas Steffen | L3 - algorithm: |
749 | 1 | Andreas Steffen | 'BLISS-with-SHA512' |
750 | 1 | Andreas Steffen | L1 - signatureValue: |
751 | 10 | Andreas Steffen | |
752 | 11 | Andreas Steffen | z1 = -873..780, z2d = -3..4 |
753 | 10 | Andreas Steffen | |
754 | 10 | Andreas Steffen | cert: X509 |
755 | 12 | Andreas Steffen | subject: "C=CH, O=strongSwan Project, CN=strongSwan BLISS Root CA" |
756 | 12 | Andreas Steffen | issuer: "C=CH, O=strongSwan Project, CN=strongSwan BLISS Root CA" |
757 | 11 | Andreas Steffen | validity: not before Dec 13 13:01:57 2014, ok |
758 | 11 | Andreas Steffen | not after Dec 13 13:01:57 2024, ok (expires in 3652 days) |
759 | 11 | Andreas Steffen | serial: 12:a0:ca:85:51:b9:f3:27 |
760 | 11 | Andreas Steffen | flags: CA CRLSign self-signed |
761 | 10 | Andreas Steffen | subjkeyId: 37:f4:9e:f8:b7:50:ed:d4:29:16:72:58:b4:b1:f1:f5:46:c9:54:71 |
762 | 10 | Andreas Steffen | pubkey: BLISS 192 bits strength |
763 | 10 | Andreas Steffen | keyid: 55:ee:7a:31:44:e5:a0:cf:b6:c9:a7:17:98:c9:60:a7:eb:d0:4e:4f |
764 | 11 | Andreas Steffen | subjkey: 37:f4:9e:f8:b7:50:ed:d4:29:16:72:58:b4:b1:f1:f5:46:c9:54:71 |
765 | 10 | Andreas Steffen | </pre> |
766 | 11 | Andreas Steffen | If you are not interested in any detailed information, just create a self-signed BLISS CA certificate with |
767 | 10 | Andreas Steffen | <pre> |
768 | 21 | Andreas Steffen | pki --self --type bliss --in cakey1.der --ca --dn "C=CH, O=strongSwan Project, CN=strongSwan BLISS Root CA" --lifetime 3653 > cacert1.der |
769 | 10 | Andreas Steffen | </pre> |
770 | 10 | Andreas Steffen | and view it with |
771 | 10 | Andreas Steffen | <pre> |
772 | 13 | Andreas Steffen | pki --print --in cacert1.der |
773 | 11 | Andreas Steffen | |
774 | 10 | Andreas Steffen | cert: X509 |
775 | 12 | Andreas Steffen | subject: "C=CH, O=strongSwan Project, CN=strongSwan BLISS Root CA" |
776 | 12 | Andreas Steffen | issuer: "C=CH, O=strongSwan Project, CN=strongSwan BLISS Root CA" |
777 | 11 | Andreas Steffen | validity: not before Dec 13 12:58:21 2014, ok |
778 | 1 | Andreas Steffen | not after Dec 13 12:58:21 2024, ok (expires in 3652 days) |
779 | 1 | Andreas Steffen | serial: 5d:06:0d:4b:69:64:84:62 |
780 | 1 | Andreas Steffen | flags: CA CRLSign self-signed |
781 | 1 | Andreas Steffen | subjkeyId: f3:60:55:bc:0b:49:c4:8a:a6:38:cc:ad:72:67:e5:91:7c:b8:a4:f5 |
782 | 1 | Andreas Steffen | pubkey: BLISS 128 bits strength |
783 | 1 | Andreas Steffen | keyid: df:78:00:c4:b4:13:e7:fd:4f:05:dd:39:1a:2e:2b:c5:65:39:10:f4 |
784 | 1 | Andreas Steffen | subjkey: f3:60:55:bc:0b:49:c4:8a:a6:38:cc:ad:72:67:e5:91:7c:b8:a4:f5 |
785 | 1 | Andreas Steffen | </pre> |
786 | 12 | Andreas Steffen | |
787 | 16 | Andreas Steffen | h2. BLISS End Entity Certificate Generation |
788 | 12 | Andreas Steffen | |
789 | 12 | Andreas Steffen | We are now going to generate a BLISS-I key pair for user Carol: |
790 | 12 | Andreas Steffen | <pre> |
791 | 12 | Andreas Steffen | pki --gen --type bliss --size 1 > carolKey.der |
792 | 12 | Andreas Steffen | |
793 | 12 | Andreas Steffen | secret key generation succeeded after 2 trials |
794 | 12 | Andreas Steffen | </pre> |
795 | 12 | Andreas Steffen | Next we create a self-signed PKCS#10 certificate request |
796 | 12 | Andreas Steffen | <pre> |
797 | 12 | Andreas Steffen | pki --req --type bliss --in carolKey.der --dn "C=CH, O=strongSwan Project, CN=carol@strongswan.org" --san carol@strongswan.org > carolReq.der |
798 | 12 | Andreas Steffen | </pre> |
799 | 12 | Andreas Steffen | which is used as the input for the CA to create a signed end entity certificate: |
800 | 12 | Andreas Steffen | <pre> |
801 | 13 | Andreas Steffen | pki --issue --type pkcs10 --in carolReq.der --cacert cacert4.pem --cakey cakey4.pem --crl http://crl.strongswan.org/bliss.crl --flag clientAuth > carolCert.der |
802 | 12 | Andreas Steffen | </pre> |
803 | 12 | Andreas Steffen | and which has the following content |
804 | 12 | Andreas Steffen | <pre> |
805 | 13 | Andreas Steffen | pki --print --in carolCert.der |
806 | 12 | Andreas Steffen | |
807 | 12 | Andreas Steffen | cert: X509 |
808 | 12 | Andreas Steffen | subject: "C=CH, O=strongSwan Project, CN=carol@strongswan.org" |
809 | 12 | Andreas Steffen | issuer: "C=CH, O=strongSwan Project, CN=strongSwan BLISS Root CA" |
810 | 12 | Andreas Steffen | validity: not before Dec 13 13:20:34 2014, ok |
811 | 1 | Andreas Steffen | not after Dec 12 13:20:34 2017, ok (expires in 1094 days) |
812 | 1 | Andreas Steffen | serial: 38:a9:13:10:c2:ed:ed:c3 |
813 | 1 | Andreas Steffen | altNames: carol@strongswan.org |
814 | 1 | Andreas Steffen | flags: clientAuth |
815 | 1 | Andreas Steffen | CRL URIs: http://crl.strongswan.org/bliss.crl |
816 | 12 | Andreas Steffen | authkeyId: 37:f4:9e:f8:b7:50:ed:d4:29:16:72:58:b4:b1:f1:f5:46:c9:54:71 |
817 | 12 | Andreas Steffen | subjkeyId: 8b:a3:c5:11:00:bb:84:55:dd:b8:4b:20:04:d9:58:77:57:ba:d8:3c |
818 | 12 | Andreas Steffen | pubkey: BLISS 128 bits strength |
819 | 12 | Andreas Steffen | keyid: 5b:cf:17:14:a8:d8:aa:bc:40:f3:21:95:a9:67:7d:20:af:66:4e:c2 |
820 | 12 | Andreas Steffen | subjkey: 8b:a3:c5:11:00:bb:84:55:dd:b8:4b:20:04:d9:58:77:57:ba:d8:3c |
821 | 13 | Andreas Steffen | </pre> |
822 | 13 | Andreas Steffen | |
823 | 13 | Andreas Steffen | h2. IKEv2 Public Key Authentication using BLISS Signatures |
824 | 13 | Andreas Steffen | |
825 | 36 | Andreas Steffen | The "ikev2/rw-ntru-bliss":http://www.strongswan.org/uml/testresults5/ikev2/rw-ntru-bliss/ strongSwan remote-access VPN scenario shows the practical use of IKEv2 public key authentication based on BLISS signatures. The larger size of the BLISS signatures and certificates compared to RSA is not a problem because IKEv2 Message Fragmentation ("RFC 7383":http://tools.ietf.org/html/rfc7383) is being used: |
826 | 15 | Andreas Steffen | |
827 | 15 | Andreas Steffen | IKE_AUTH Request |
828 | 14 | Andreas Steffen | <pre> |
829 | 14 | Andreas Steffen | Dec 12 13:53:11 carol charon: 13[IKE] sending end entity cert "C=CH, O=Linux strongSwan, OU=BLISS I, CN=carol@strongswan.org" |
830 | 14 | Andreas Steffen | Dec 12 13:53:11 carol charon: 13[IKE] establishing CHILD_SA home |
831 | 14 | Andreas Steffen | Dec 12 13:53:11 carol charon: 13[ENC] generating IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) CERTREQ IDr AUTH CPRQ(ADDR) SA TSi TSr N(MOBIKE_SUP) N(ADD_6_ADDR) N(MULT_AUTH) N(EAP_ONLY) ] |
832 | 14 | Andreas Steffen | Dec 12 13:53:11 carol charon: 13[ENC] splitting IKE message with length of 3232 bytes into 3 fragments |
833 | 14 | Andreas Steffen | Dec 12 13:53:11 carol charon: 13[ENC] generating IKE_AUTH request 1 [ EF ] |
834 | 14 | Andreas Steffen | Dec 12 13:53:11 carol charon: 13[ENC] generating IKE_AUTH request 1 [ EF ] |
835 | 14 | Andreas Steffen | Dec 12 13:53:11 carol charon: 13[ENC] generating IKE_AUTH request 1 [ EF ] |
836 | 14 | Andreas Steffen | Dec 12 13:53:11 carol charon: 13[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (1460 bytes) |
837 | 14 | Andreas Steffen | Dec 12 13:53:11 carol charon: 13[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (1460 bytes) |
838 | 14 | Andreas Steffen | Dec 12 13:53:11 carol charon: 13[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (452 bytes) |
839 | 14 | Andreas Steffen | </pre> |
840 | 15 | Andreas Steffen | |
841 | 15 | Andreas Steffen | IKE_AUTH Response |
842 | 14 | Andreas Steffen | <pre> |
843 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 03[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1460 bytes) |
844 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 03[ENC] parsed IKE_AUTH response 1 [ EF ] |
845 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 03[ENC] received fragment #1 of 3, waiting for complete IKE message |
846 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 03[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1460 bytes) |
847 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 03[ENC] parsed IKE_AUTH response 1 [ EF ] |
848 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 03[ENC] received fragment #2 of 3, waiting for complete IKE message |
849 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 15[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (548 bytes) |
850 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 15[ENC] parsed IKE_AUTH response 1 [ EF ] |
851 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 15[ENC] received fragment #3 of 3, reassembling fragmented IKE message |
852 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 15[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH CPRP(ADDR) SA TSi TSr N(AUTH_LFT) N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_6_ADDR) N(ADD_6_ADDR) ] |
853 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 15[IKE] received end entity cert "C=CH, O=Linux strongSwan, OU=BLISS IV, CN=moon.strongswan.org" |
854 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 15[CFG] using certificate "C=CH, O=Linux strongSwan, OU=BLISS IV, CN=moon.strongswan.org" |
855 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 15[CFG] using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan BLISS Root CA" |
856 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 15[CFG] checking certificate status of "C=CH, O=Linux strongSwan, OU=BLISS IV, CN=moon.strongswan.org" |
857 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 15[CFG] fetching crl from 'http://crl.strongswan.org/strongswan_bliss.crl' ... |
858 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 15[CFG] using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan BLISS Root CA" |
859 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 15[CFG] crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan BLISS Root CA" |
860 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 15[CFG] crl is valid: until Jan 11 12:36:45 2015 |
861 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 15[CFG] certificate status is good |
862 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 15[CFG] reached self-signed root ca with a path length of 0 |
863 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 15[IKE] authentication of 'moon.strongswan.org' with BLISS signature successful |
864 | 14 | Andreas Steffen | Dec 12 13:53:12 carol charon: 15[IKE] IKE_SA home[1] established between 192.168.0.100[carol@strongswan.org]...192.168.0.1[moon.strongswan.org] |
865 | 14 | Andreas Steffen | </pre> |
866 | 22 | Andreas Steffen | By the way, the key exchange method used is [[NTRU|NTRU Encryption]], so the strongSwan IPsec connection setup is not vulnerable to quantum-computer-based key attacks: |
867 | 15 | Andreas Steffen | |
868 | 15 | Andreas Steffen | IKE_SA_INIT Request |
869 | 14 | Andreas Steffen | <pre> |
870 | 14 | Andreas Steffen | Dec 12 13:53:11 carol charon: 12[IKE] initiating IKE_SA home[1] to 192.168.0.1 |
871 | 14 | Andreas Steffen | Dec 12 13:53:11 carol charon: 12[LIB] 128 bit optimum NTRU parameter set ees439ep1 selected |
872 | 14 | Andreas Steffen | Dec 12 13:53:11 carol charon: 12[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) V ] |
873 | 1 | Andreas Steffen | Dec 12 13:53:11 carol charon: 12[NET] sending packet: from 192.168.0.100[500] to 192.168.0.1[500] (813 bytes) |
874 | 1 | Andreas Steffen | </pre> |
875 | 16 | Andreas Steffen | |
876 | 16 | Andreas Steffen | h2. Design Details on BLISS Signatures |
877 | 16 | Andreas Steffen | |
878 | 19 | Andreas Steffen | * For Gaussian sampling we use a Bernoulli sampler as described in "Lattice Signatures and Bimodal Gaussians":https://eprint.iacr.org/2013/383 but currently not a Cumulative Distribution Table (CDT). As a consequence the Gaussian rejection sampling currently requires a lot of random material, which is produced by the "MGF1":https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libstrongswan/crypto/mgf1/mgf1.h Mask Generation Function ("RFC 2437":http://tools.ietf.org/html/rfc2437#section-10.2.1) seeded by a true random source. The hash function used with MGF1 is currently SHA-1 for cryptographic strengths up to 160 bits and SHA-256 for strengths up to 256 bits, but we are thinking about switching to SHA-512 in general, since that hash function is used for the random oracle of the BLISS signature anyway and SHA-512 performance is usually superior to SHA-256 on 64 bit platforms. |
879 | 19 | Andreas Steffen | |
880 | 35 | Andreas Steffen | * In order to minimize the BLISS signature size, a set of [[BlissHuffmanCodes|Huffman Codes]] is used to encode the tuples (abs(z1[i]) >> 8, z2d[i]), with i = 0 .. 511. The sign and lower 8 bits of z1[i] are encoded using a fixed 9 bit field as described by Thomas Pöppelmann, Léo Ducas and Tim Güneysu in "Enhanced Lattice-Based Signatures on Reconfigurable Hardware":http://eprint.iacr.org/2014/254.pdf. |
881 | 1 | Andreas Steffen | |
882 | 35 | Andreas Steffen | * Measured BLISS Signature Size* |
883 | 33 | Andreas Steffen | |
884 | 34 | Andreas Steffen | |Scheme |Bit-packed |Partially Huffman-coded |Compression Rates | |
885 | 34 | Andreas Steffen | |BLISS-I |>. 7375 bits |>. 5718 .. 5793 .. 5884 bits |>. 22.5 .. 21.4 .. 20.2 % | |
886 | 34 | Andreas Steffen | |BLISS-III |>. 7950 bits |>. 6093 .. 6167 .. 6255 bits |>. 23.4 .. 22.4 .. 21.3 % | |
887 | 1 | Andreas Steffen | |BLISS-IV |>. 8543 bits |>. 6644 .. 6725 .. 6784 bits |>. 22.3 .. 21.3 .. 20.6 % | |
888 | 35 | Andreas Steffen | |
889 | 35 | Andreas Steffen | *statistics based on a measurement set of 50 signatures, each |
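The split between the fixed 9 bit field and the Huffman-coded tuple can be followed end to end with the added example below, which is not the strongSwan encoder. The bit order inside the 9 bit field, the interleaving of field and code word, the Huffman table built from the sample itself and the Gaussian sample data are assumptions of this sketch; the challenge vector *c* is not encoded.

```python
"""Added example: split z1/z2d into a fixed 9 bit field plus a Huffman-coded
tuple (abs(z1[i]) >> 8, z2d[i]), then decode again."""
import heapq
import random
from collections import Counter

N = 512


def split_z1(z):
    """Return (9 bit field: sign bit then low 8 bits, high part abs(z) >> 8)."""
    mag = abs(z)
    return ((1 if z < 0 else 0) << 8) | (mag & 0xFF), mag >> 8


def build_huffman(symbols):
    """Return {symbol: bit string} of an optimal prefix code for the sample."""
    freq = Counter(symbols)
    if len(freq) == 1:                       # degenerate case: one symbol only
        return {next(iter(freq)): "0"}
    heap = [(count, idx, {sym: ""})
            for idx, (sym, count) in enumerate(sorted(freq.items()))]
    heapq.heapify(heap)
    tie = len(heap)                          # unique tie-breaker for the heap
    while len(heap) > 1:
        c0, _, t0 = heapq.heappop(heap)
        c1, _, t1 = heapq.heappop(heap)
        merged = {s: "0" + w for s, w in t0.items()}
        merged.update({s: "1" + w for s, w in t1.items()})
        heapq.heappush(heap, (c0 + c1, tie, merged))
        tie += 1
    return heap[0][2]


def encode(z1, z2d, code):
    """Per coefficient: 9 bit field followed by the tuple's code word."""
    bits = []
    for z, d in zip(z1, z2d):
        fixed, high = split_z1(z)
        bits.append(format(fixed, "09b"))
        bits.append(code[(high, d)])
    return "".join(bits)


def decode(bits, code, n):
    """Inverse of encode(); rejects truncated input and trailing bits."""
    inverse = {word: sym for sym, word in code.items()}
    z1, z2d, pos = [], [], 0
    for _ in range(n):
        if pos + 9 > len(bits):
            raise ValueError("truncated fixed field")
        fixed = int(bits[pos:pos + 9], 2)
        pos += 9
        end = pos + 1
        while bits[pos:end] not in inverse:
            end += 1
            if end > len(bits):
                raise ValueError("truncated or invalid code word")
        high, d = inverse[bits[pos:end]]
        pos = end
        mag = (high << 8) | (fixed & 0xFF)
        z1.append(-mag if fixed >> 8 else mag)
        z2d.append(d)
    if pos != len(bits):
        raise ValueError("trailing bits after last coefficient")
    return z1, z2d


def constructed_sample(seed=1, n=N):
    """Constructed data in roughly the ranges shown in the debug output."""
    rng = random.Random(seed)
    z1 = [round(rng.gauss(0, 270)) for _ in range(n)]
    z2d = [round(rng.gauss(0, 1.2)) for _ in range(n)]
    return z1, z2d


def size_report(z1, z2d):
    """Compare the Huffman-coded tuple size with plain fixed-width packing."""
    symbols = [(abs(z) >> 8, d) for z, d in zip(z1, z2d)]
    code = build_huffman(symbols)
    total = len(encode(z1, z2d, code))
    high_bits = max(s[0] for s in symbols).bit_length()
    d_bits = (max(z2d) - min(z2d)).bit_length()
    return {
        "fixed_field_bits": 9 * len(z1),
        "huffman_bits": total - 9 * len(z1),
        "bit_packed_tuple_bits": (high_bits + d_bits) * len(z1),
        "bits_per_tuple": (total - 9 * len(z1)) / len(z1),
        "total_bits": total,
    }


if __name__ == "__main__":
    print(size_report(*constructed_sample()))
```
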
890 | 23 | Andreas Steffen | |
891 | 23 | Andreas Steffen | h2. ASN.1 Syntax |
892 | 23 | Andreas Steffen | |
893 | 26 | Andreas Steffen | h3. Object Identifiers |
894 | 26 | Andreas Steffen | |
895 | 26 | Andreas Steffen | <pre> |
896 | 26 | Andreas Steffen | id-bliss { iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) ita(36906) bliss(5) } |
897 | 26 | Andreas Steffen | |
898 | 26 | Andreas Steffen | keyType { id-bliss 1 } |
899 | 26 | Andreas Steffen | |
900 | 26 | Andreas Steffen | blissPublicKey { keyType 1 } |
901 | 26 | Andreas Steffen | |
902 | 26 | Andreas Steffen | parameters { id-bliss 2 } |
903 | 26 | Andreas Steffen | |
904 | 26 | Andreas Steffen | blissI = { parameters 1 } |
905 | 26 | Andreas Steffen | blissII = { parameters 2 } |
906 | 26 | Andreas Steffen | blissIII = { parameters 3 } |
907 | 26 | Andreas Steffen | blissIV = { parameters 4 } |
908 | 26 | Andreas Steffen | |
909 | 26 | Andreas Steffen | |
910 | 27 | Andreas Steffen | blissSigType = { id-bliss 3 } |
911 | 26 | Andreas Steffen | |
912 | 27 | Andreas Steffen | blissWithSha512 = { blissSigType 1 } |
913 | 26 | Andreas Steffen | </pre> |
914 | 26 | Andreas Steffen | |
915 | 23 | Andreas Steffen | h3. BLISS Private Key |
916 | 23 | Andreas Steffen | |
917 | 23 | Andreas Steffen | <pre> |
918 | 23 | Andreas Steffen | BlissPrivateKey ::= SEQUENCE { |
919 | 27 | Andreas Steffen | parameter OBJECT IDENTIFIER, |
920 | 27 | Andreas Steffen | public BIT STRING, -- A |
921 | 27 | Andreas Steffen | secret1 BIT STRING, -- s1 |
922 | 27 | Andreas Steffen | secret2 BIT STRING } -- s2 |
923 | 23 | Andreas Steffen | </pre> |
924 | 23 | Andreas Steffen | |
925 | 29 | Andreas Steffen | As *parameter* one of the BLISS parameter OIDs *blissI* .. *blissIV* is used. |
926 | 1 | Andreas Steffen | |
927 | 28 | Andreas Steffen | h3. BLISS Public Key |
928 | 29 | Andreas Steffen | |
929 | 1 | Andreas Steffen | <pre> |
930 | 28 | Andreas Steffen | SubjectPublicKeyInfo ::= SEQUENCE { |
931 | 28 | Andreas Steffen | algorithm AlgorithmIdentifier, |
932 | 28 | Andreas Steffen | subjectPublicKey BIT STRING } |
933 | 1 | Andreas Steffen | |
934 | 28 | Andreas Steffen | AlgorithmIdentifier ::= SEQUENCE { |
935 | 28 | Andreas Steffen | algorithm OBJECT IDENTIFIER, |
936 | 28 | Andreas Steffen | parameters OBJECT IDENTIFIER } |
937 | 23 | Andreas Steffen | </pre> |
938 | 1 | Andreas Steffen | |
939 | 30 | Andreas Steffen | As *algorithm* the *blissPublicKey* OID is used and *parameters* indicates one of the BLISS parameter OIDs *blissI* .. *blissIV*. |
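The object identifiers and the AlgorithmIdentifier layout given above translate into DER as shown in the following added example, which is not taken from strongSwan. It encodes the OIDs from the listing, builds the AlgorithmIdentifier of a BLISS public key and checks a received one, rejecting anything whose *parameters* OID is not one of *blissI* .. *blissIV*. The function names are hypothetical and only short-form DER lengths are handled.

```python
"""Added example: DER encoding and validation of the BLISS AlgorithmIdentifier."""

ID_BLISS = (1, 3, 6, 1, 4, 1, 36906, 5)          # id-bliss from the page
OID_NAMES = {
    ID_BLISS + (1, 1): "blissPublicKey",
    ID_BLISS + (2, 1): "blissI",
    ID_BLISS + (2, 2): "blissII",
    ID_BLISS + (2, 3): "blissIII",
    ID_BLISS + (2, 4): "blissIV",
    ID_BLISS + (3, 1): "blissWithSha512",
}
OID_BY_NAME = {name: arcs for arcs, name in OID_NAMES.items()}
PARAMETER_SETS = ("blissI", "blissII", "blissIII", "blissIV")


def encode_oid(arcs):
    """DER-encode an OID (tag 0x06) with base-128 sub-identifiers."""
    body = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        body.extend(reversed(chunk))
    if len(body) > 127:
        raise ValueError("long-form length not handled in this sketch")
    return bytes([0x06, len(body)]) + bytes(body)


def decode_oid(body):
    """Decode the content octets of an OID into a tuple of arcs."""
    if not body or body[-1] & 0x80:
        raise ValueError("empty or truncated OID")
    first = min(body[0] // 40, 2)
    arcs = [first, body[0] - 40 * first]
    value = 0
    for octet in body[1:]:
        if value == 0 and octet == 0x80:
            raise ValueError("non-minimal sub-identifier")
        value = (value << 7) | (octet & 0x7F)
        if not octet & 0x80:
            arcs.append(value)
            value = 0
    return tuple(arcs)


def read_tlv(buf, pos, tag):
    """Return (content, next position) of a short-form TLV with this tag."""
    if pos + 2 > len(buf) or buf[pos] != tag:
        raise ValueError("unexpected tag or truncated header")
    length = buf[pos + 1]
    if length & 0x80:
        raise ValueError("long-form length not handled in this sketch")
    end = pos + 2 + length
    if end > len(buf):
        raise ValueError("truncated content")
    return buf[pos + 2:end], end


def build_algorithm_identifier(parameter_set):
    """SEQUENCE { blissPublicKey, <parameter set OID> } as DER."""
    if parameter_set not in PARAMETER_SETS:
        raise ValueError("unknown BLISS parameter set")
    body = (encode_oid(OID_BY_NAME["blissPublicKey"])
            + encode_oid(OID_BY_NAME[parameter_set]))
    return bytes([0x30, len(body)]) + body


def check_algorithm_identifier(der):
    """Return the parameter set name or raise ValueError on any mismatch."""
    body, end = read_tlv(der, 0, 0x30)
    if end != len(der):
        raise ValueError("trailing data after AlgorithmIdentifier")
    algorithm, pos = read_tlv(body, 0, 0x06)
    parameters, pos = read_tlv(body, pos, 0x06)
    if pos != len(body):
        raise ValueError("unexpected extra element")
    if OID_NAMES.get(decode_oid(algorithm)) != "blissPublicKey":
        raise ValueError("algorithm is not blissPublicKey")
    name = OID_NAMES.get(decode_oid(parameters))
    if name not in PARAMETER_SETS:
        raise ValueError("parameters is not one of blissI .. blissIV")
    return name


if __name__ == "__main__":
    der = build_algorithm_identifier("blissIV")
    print(der.hex(), "->", check_algorithm_identifier(der))
```
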
940 | 23 | Andreas Steffen |