Bimodal Lattice Signature Scheme (BLISS) » History » Version 47
Andreas Steffen, 07.05.2015 08:09
h1. Bimodal Lattice Signature Scheme (BLISS)

{{>toc}}

BLISS is a post-quantum signature scheme based on the CRYPTO 2013 paper "Lattice Signatures and Bimodal Gaussians":https://eprint.iacr.org/2013/383 by Léo Ducas, Alain Durmus, Tancrède Lepoint, and Vadim Lyubashevsky. Starting with the strongSwan [[5.2.2]] release we offer BLISS as an IKEv2 public key authentication method. We also added full BLISS key and certificate generation support to the strongSwan [[IpsecPki|pki]] tool. With strongSwan [[5.3.0]] we are upgrading to the improved BLISS-B signature algorithm described in "Accelerating Bliss: the Geometry of Ternary Polynomials":https://eprint.iacr.org/2014/874.pdf by Léo Ducas. This HOWTO is based on the new BLISS-B default scheme. It is possible though to revert to the old BLISS behaviour by setting
<pre>
libstrongswan {
  plugins {
    bliss {
      use_bliss_b = no
    }
  }
}
</pre>
in strongswan.conf, although we don't see any advantage whatever for doing this.

This seamless integration into the strongSwan framework was made possible by the new libstrongswan "bliss plugin":https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/show/src/libstrongswan/plugins/bliss, which is written entirely in the C programming language without the use of any external libraries and implements the libstrongswan "public_key_t":https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libstrongswan/credentials/keys/public_key.h and "private_key_t":https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libstrongswan/credentials/keys/private_key.h interfaces.

h2. Building strongSwan with BLISS Support

If you want to play around with BLISS keys and signatures using the strongSwan [[IpsecPki|pki]] tool please follow the quick software installation HOWTO:
<pre>
wget http://download.strongswan.org/strongswan-5.3.0.tar.bz2
tar xjf strongswan-5.3.0.tar.bz2
cd strongswan-5.3.0
./configure --prefix=/usr --sysconfdir=/etc --disable-gmp --enable-bliss
make
sudo make install
</pre>

h2. BLISS Private Key Generation

strongSwan currently supports the BLISS-B-I, BLISS-B-III, and BLISS-B-IV schemes with a cryptographic strength of 128 bits, 160 bits and 192 bits, respectively. Using the [[IpsecPki|pki]] tool a private BLISS-B-I key can be generated as follows:
<pre>
pki --gen --type bliss --size 1 --debug 2 > cakey1.der

mgf1 based on sha1 is seeded with 20 octets
mgf1 generated 240 octets
mgf1 based on sha1 is seeded with 20 octets
mgf1 generated 240 octets
l2 norm of s1||s2: 771, Nk(S): 44024

secret key generation succeeded after 1 trial
</pre>
With the command
<pre>
pki --print --type bliss-priv --in cakey1.der

private key with:
pubkey: BLISS 128 bits strength
keyid: 66:5d:b6:ae:85:b6:32:1b:9a:7e:2c:ed:c7:6a:4d:68:f0:3a:ec:77
subjkey: 50:c5:a5:b0:21:e2:a8:13:12:ba:7c:87:f3:3f:ab:90:ad:2c:4d:c2
</pre>
information on the BLISS private key is displayed.
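
The generate-then-print sequence above, wrapped as an added shell example (not part of the original HOWTO or of strongSwan): it writes the key file under a restrictive umask, because output redirected from @pki --gen@ otherwise gets the shell's default permissions, and it checks that @pki --print@ reports the strength this page states for the chosen @--size@. The function names are hypothetical, and the example assumes that keys of size 3 and 4 are printed in the same "BLISS n bits strength" form as the size 1 key shown above.

```shell
#!/bin/sh
# Added example, not strongSwan code. Assumes a pki binary built with
# --enable-bliss is on PATH. All function names here are hypothetical.

# Map a pki --size value to the strength this HOWTO states for it
# (BLISS-B-I, BLISS-B-III, BLISS-B-IV).
bliss_strength() {
    case "$1" in
        1) echo 128 ;;
        3) echo 160 ;;
        4) echo 192 ;;
        *) return 1 ;;
    esac
}

# Read `pki --print --type bliss-priv` output on stdin and print the number
# from the "pubkey: BLISS <n> bits strength" line.
printed_strength() {
    sed -n 's/^[[:space:]]*pubkey:[[:space:]]*BLISS \([0-9][0-9]*\) bits strength.*$/\1/p'
}

# gen_bliss_key SIZE OUTFILE
# Generates a DER-encoded BLISS private key readable by the owner only and
# verifies the strength pki reports for it. Nonzero return codes:
# 2 bad size, 3 file exists, 4 generation failed, 5 strength mismatch.
gen_bliss_key() {
    size=$1
    out=$2
    want=$(bliss_strength "$size") || {
        echo "unsupported --size $size (use 1, 3 or 4)" >&2
        return 2
    }
    if [ -e "$out" ]; then
        echo "$out exists, refusing to overwrite a key" >&2
        return 3
    fi
    # Subshell so the tightened umask does not leak into the caller.
    (
        umask 077
        pki --gen --type bliss --size "$size" > "$out"
    ) || {
        rm -f "$out"
        return 4
    }
    got=$(pki --print --type bliss-priv --in "$out" | printed_strength)
    if [ "$got" != "$want" ]; then
        echo "wanted $want bits, pki reports '${got:-nothing}'" >&2
        rm -f "$out"
        return 5
    fi
    echo "$out: BLISS private key, $got bits strength, mode 0600"
}
```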

Let's now generate a BLISS-B-IV key with 192 bit cryptographic strength in base64-encoded PEM format:
<pre>
pki --gen --type bliss --size 4 --outform pem > cakey4.pem
secret key generation succeeded after 1 trial
</pre>
The PEM key format is printable
<pre>
cat cakey4.pem

-----BEGIN BLISS PRIVATE KEY-----
-----END BLISS PRIVATE KEY-----
</pre>
Finally, let's generate a BLISS-B-III key with a cryptographic strength of 160 bits with the highest debug level enabled:
<pre>
pki --gen --type bliss --size 3 --debug 4 > cakey3.der

mgf1 based on sha1 is seeded with 20 octets
mgf1 generated 380 octets
mgf1 based on sha1 is seeded with 20 octets
mgf1 generated 420 octets
l2 norm of s1||s2: 1397, Nk(S): 134554

S1[374] is zero - s1 is not invertible

mgf1 based on sha1 is seeded with 20 octets
mgf1 generated 400 octets
mgf1 based on sha1 is seeded with 20 octets
mgf1 generated 400 octets
l2 norm of s1||s2: 1397, Nk(S): 150444

secret key generation succeeded after 2 trials

i f g a F G A
534 | 41 | Andreas Steffen | 417 0 2 2510 12017 2768 5050 |
535 | 41 | Andreas Steffen | 418 0 -2 2406 2440 2740 6750 |
536 | 41 | Andreas Steffen | 419 0 2 10282 1086 809 10400 |
537 | 41 | Andreas Steffen | 420 0 0 8477 8393 3405 10159 |
538 | 41 | Andreas Steffen | 421 -1 0 7203 5025 387 6339 |
539 | 41 | Andreas Steffen | 422 0 0 1510 42 3061 5047 |
540 | 41 | Andreas Steffen | 423 1 0 8899 1346 3963 3518 |
541 | 41 | Andreas Steffen | 424 0 0 7690 4485 2532 6815 |
542 | 41 | Andreas Steffen | 425 0 -2 2210 11591 2890 4503 |
543 | 41 | Andreas Steffen | 426 0 0 2367 8826 8001 12127 |
544 | 41 | Andreas Steffen | 427 1 2 10596 8314 7863 12185 |
545 | 41 | Andreas Steffen | 428 -1 -2 6039 10099 5011 6333 |
546 | 41 | Andreas Steffen | 429 -1 -2 7353 8641 6623 965 |
547 | 41 | Andreas Steffen | 430 0 0 3054 6816 5283 7438 |
548 | 41 | Andreas Steffen | 431 -1 0 9421 5919 7903 11491 |
549 | 41 | Andreas Steffen | 432 0 0 5202 11236 11135 6875 |
550 | 41 | Andreas Steffen | 433 1 0 10469 3625 5140 11409 |
551 | 41 | Andreas Steffen | 434 -1 0 6457 3420 1289 3087 |
552 | 41 | Andreas Steffen | 435 0 0 4981 7584 3667 8992 |
553 | 41 | Andreas Steffen | 436 0 0 2486 9323 5488 6760 |
554 | 41 | Andreas Steffen | 437 0 -2 10800 9052 10347 4450 |
555 | 41 | Andreas Steffen | 438 1 0 1546 5976 6208 10283 |
556 | 41 | Andreas Steffen | 439 -1 0 10050 8648 5275 3907 |
557 | 41 | Andreas Steffen | 440 1 4 10633 8816 8122 7347 |
558 | 41 | Andreas Steffen | 441 -1 0 8730 5232 12281 4754 |
559 | 41 | Andreas Steffen | 442 1 2 4288 4871 6784 12192 |
560 | 41 | Andreas Steffen | 443 1 0 9297 9950 4775 2378 |
561 | 41 | Andreas Steffen | 444 1 2 1069 209 11331 995 |
562 | 41 | Andreas Steffen | 445 0 0 7851 6881 6175 5523 |
563 | 41 | Andreas Steffen | 446 0 0 5388 6671 4672 1421 |
564 | 41 | Andreas Steffen | 447 0 -2 10231 5133 2309 5799 |
565 | 41 | Andreas Steffen | 448 -1 0 153 9835 5074 5216 |
566 | 41 | Andreas Steffen | 449 0 0 11934 2437 7339 11818 |
567 | 41 | Andreas Steffen | 450 -1 0 8801 8789 48 11348 |
568 | 41 | Andreas Steffen | 451 0 2 6042 987 8243 10106 |
569 | 41 | Andreas Steffen | 452 -2 0 10333 2589 4798 6818 |
570 | 41 | Andreas Steffen | 453 -1 0 6545 9349 9453 2743 |
571 | 41 | Andreas Steffen | 454 -1 -2 4195 9643 9110 11013 |
572 | 41 | Andreas Steffen | 455 0 -2 6640 357 11133 9945 |
573 | 41 | Andreas Steffen | 456 -1 0 11534 6683 11405 44 |
574 | 41 | Andreas Steffen | 457 0 0 7142 5256 9490 10584 |
575 | 41 | Andreas Steffen | 458 0 0 7200 2149 3622 9014 |
576 | 41 | Andreas Steffen | 459 0 0 7165 7039 10762 7156 |
577 | 41 | Andreas Steffen | 460 1 2 8215 7133 10600 1285 |
578 | 41 | Andreas Steffen | 461 2 -2 11301 10333 7383 769 |
579 | 41 | Andreas Steffen | 462 -1 0 5004 10864 3139 1300 |
580 | 41 | Andreas Steffen | 463 1 0 11040 3075 10760 11733 |
581 | 41 | Andreas Steffen | 464 0 -2 6614 8230 3156 2279 |
582 | 41 | Andreas Steffen | 465 0 0 3877 7182 10115 11440 |
583 | 41 | Andreas Steffen | 466 -1 0 2357 2232 4764 2711 |
584 | 41 | Andreas Steffen | 467 1 -2 3295 2363 2758 2045 |
585 | 41 | Andreas Steffen | 468 0 0 8589 865 2917 2518 |
586 | 41 | Andreas Steffen | 469 0 2 2772 2928 3650 6641 |
587 | 41 | Andreas Steffen | 470 0 0 5177 2183 7996 8414 |
588 | 41 | Andreas Steffen | 471 1 -2 6874 9197 8865 8729 |
589 | 41 | Andreas Steffen | 472 -2 0 7827 11526 10909 1548 |
590 | 41 | Andreas Steffen | 473 0 -2 11766 8236 6451 5159 |
591 | 41 | Andreas Steffen | 474 0 2 10634 8707 6140 7148 |
592 | 41 | Andreas Steffen | 475 -1 0 613 1770 4832 8487 |
593 | 41 | Andreas Steffen | 476 1 2 4973 1080 10080 8202 |
594 | 41 | Andreas Steffen | 477 0 0 11955 4174 873 1699 |
595 | 41 | Andreas Steffen | 478 -1 -2 10831 993 6778 8348 |
596 | 41 | Andreas Steffen | 479 1 0 5558 5835 7067 4186 |
597 | 41 | Andreas Steffen | 480 0 -2 2702 3993 6392 6043 |
598 | 41 | Andreas Steffen | 481 -1 0 12069 1685 1987 4574 |
599 | 41 | Andreas Steffen | 482 -1 -2 10029 9050 6174 10299 |
600 | 41 | Andreas Steffen | 483 -1 0 9883 8157 10233 1321 |
601 | 41 | Andreas Steffen | 484 1 2 4512 7252 6080 699 |
602 | 41 | Andreas Steffen | 485 0 0 5562 756 5195 11922 |
603 | 41 | Andreas Steffen | 486 0 0 3388 2386 11462 7782 |
604 | 41 | Andreas Steffen | 487 0 0 8847 11806 10279 2981 |
605 | 41 | Andreas Steffen | 488 2 0 4206 9692 7466 3513 |
606 | 41 | Andreas Steffen | 489 1 2 10165 11806 9176 10260 |
607 | 41 | Andreas Steffen | 490 0 0 1657 11469 12267 30 |
608 | 41 | Andreas Steffen | 491 0 0 10457 11636 606 319 |
609 | 41 | Andreas Steffen | 492 1 0 2806 9200 7521 1752 |
610 | 41 | Andreas Steffen | 493 0 0 1874 5675 11192 6546 |
611 | 41 | Andreas Steffen | 494 0 2 874 5094 11842 7809 |
612 | 41 | Andreas Steffen | 495 -1 0 760 12102 5115 10093 |
613 | 41 | Andreas Steffen | 496 -1 0 1626 4185 9898 2052 |
614 | 41 | Andreas Steffen | 497 -1 2 11878 8847 8718 11044 |
615 | 41 | Andreas Steffen | 498 -1 0 952 2338 1103 11254 |
616 | 41 | Andreas Steffen | 499 1 -2 2558 10638 3234 3355 |
617 | 41 | Andreas Steffen | 500 -1 0 8556 11033 5603 1199 |
618 | 41 | Andreas Steffen | 501 0 0 5848 7063 11603 6796 |
619 | 41 | Andreas Steffen | 502 0 2 7859 2289 1071 7667 |
620 | 41 | Andreas Steffen | 503 0 0 7909 7745 9517 9120 |
621 | 41 | Andreas Steffen | 504 0 0 7307 3801 992 4019 |
622 | 41 | Andreas Steffen | 505 0 2 4268 2937 3718 1290 |
623 | 41 | Andreas Steffen | 506 0 0 7878 10639 121 12207 |
624 | 41 | Andreas Steffen | 507 0 -2 9470 8437 10821 3280 |
625 | 41 | Andreas Steffen | 508 -1 0 8213 9197 7737 8475 |
626 | 41 | Andreas Steffen | 509 -1 -2 10700 6041 8143 5205 |
627 | 41 | Andreas Steffen | 510 -1 0 344 5879 1943 2793 |
628 | 41 | Andreas Steffen | 511 1 0 10325 7270 3760 2198 |
629 | 4 | Andreas Steffen | </pre> |
630 | 4 | Andreas Steffen | Shown are the 512 small coefficients of the private keys *f* = *s1* and *g* = 2 * *s2* + 1 as well as their Number Theoretic Transforms (NTT) *F* and *G*, respectively. The BLISS public key *A* is computed as the component-wise inverse of *F* * *G* and the reverse NTT gives *a* = 1/(*f* * *g*) mod q with the 14-bit modulus q = 12289. Sometimes *F* * *G* is not invertible, in which case the following debug message is output |
631 | 4 | Andreas Steffen | <pre> |
632 | 41 | Andreas Steffen | S1[374] is zero - s1 is not invertible |
633 | 7 | Andreas Steffen | </pre> |
634 | 10 | Andreas Steffen | and another trial run is started. |
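The invertibility test behind that debug message, as an added Python example (not code from the bliss plugin): a polynomial is invertible modulo x^512 + 1 and q = 12289 exactly when none of its NTT coefficients is zero, and the inverse is then obtained by component-wise inversion followed by the reverse NTT. The plain O(n^2) transform, its coefficient ordering, the helper names and the sampled polynomials are assumptions made for illustration.

```python
import random

Q = 12289   # 14-bit modulus from the page
N = 512     # number of coefficients per polynomial (a power of two)

def find_psi(n=N, q=Q):
    """Smallest psi with psi^n == -1 mod q, i.e. a primitive 2n-th root of unity."""
    for x in range(2, q):
        if pow(x, n, q) == q - 1:
            return x
    raise ValueError("no primitive 2n-th root of unity mod q")

def ntt(f, psi, q=Q):
    """Evaluate f at psi^(2i+1), the n roots of x^n + 1 (O(n^2) Horner scheme)."""
    out = []
    for i in range(len(f)):
        root, acc = pow(psi, 2 * i + 1, q), 0
        for c in reversed(f):
            acc = (acc * root + c) % q
        out.append(acc)
    return out

def intt(F, psi, q=Q):
    """Reverse transform: recover the coefficients from the n evaluations."""
    n = len(F)
    n_inv, psi_inv = pow(n, -1, q), pow(psi, -1, q)
    out = []
    for j in range(n):
        root, acc = pow(psi_inv, 2 * j, q), 0
        for c in reversed(F):
            acc = (acc * root + c) % q
        out.append(acc * n_inv * pow(psi_inv, j, q) % q)
    return out

def invert(f, psi, q=Q):
    """Return (inverse, None), or (None, i) if NTT coefficient i is zero."""
    F = ntt(f, psi, q)
    for i, v in enumerate(F):
        if v == 0:
            return None, i
    return intt([pow(v, -1, q) for v in F], psi, q), None

def negacyclic_mul(a, b, q=Q):
    """Schoolbook product modulo x^n + 1, used only to check an inverse."""
    n = len(a)
    res = [0] * n
    for i, ai in enumerate(a):
        if ai == 0:
            continue
        for j, bj in enumerate(b):
            k = i + j
            if k < n:
                res[k] = (res[k] + ai * bj) % q
            else:
                res[k - n] = (res[k - n] - ai * bj) % q
    return res

def constructed_non_invertible(psi, index=374, n=N, q=Q):
    """Constructed input x - psi^(2*index+1): its NTT vanishes at `index` only."""
    f = [0] * n
    f[0] = -pow(psi, 2 * index + 1, q) % q
    f[1] = 1
    return f

def generate_invertible(rng, psi, n=N):
    """Retry loop: sample a small polynomial until it is invertible."""
    trials = 0
    while True:
        trials += 1
        # constructed stand-in distribution, not the BLISS key generation one
        f = [rng.choice((-1, 0, 0, 1)) for _ in range(n)]
        inv, _ = invert(f, psi)
        if inv is not None:
            return f, inv, trials

if __name__ == "__main__":
    psi = find_psi()
    _, zero_at = invert(constructed_non_invertible(psi), psi)
    print(f"coefficient {zero_at} is zero - polynomial is not invertible")
    f, inv, trials = generate_invertible(random.Random(7), psi)
    ok = negacyclic_mul(f, inv) == [1] + [0] * (N - 1)
    print(f"invertible polynomial found after {trials} trial(s), f * f^-1 == 1: {ok}")
```
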
635 | 7 | Andreas Steffen | |
636 | 7 | Andreas Steffen | h2. BLISS Root CA Certificate Generation |
637 | 7 | Andreas Steffen | |
638 | 21 | Andreas Steffen | A self-signed BLISS CA certificate can be generated with the following command |
639 | 7 | Andreas Steffen | <pre> |
640 | 7 | Andreas Steffen | pki --self --type bliss --in cakey4.pem --ca --dn "C=CH, O=strongSwan Project, CN=strongSwan BLISS Root CA" --lifetime 3653 --debug 2 --outform pem > cacert4.pem |
641 | 7 | Andreas Steffen | |
642 | 7 | Andreas Steffen | file content is not binary ASN.1 |
643 | 7 | Andreas Steffen | -----BEGIN BLISS PRIVATE KEY----- |
644 | 7 | Andreas Steffen | -----END BLISS PRIVATE KEY----- |
645 | 7 | Andreas Steffen | |
646 | 7 | Andreas Steffen | L0 - BLISSPrivateKey: |
647 | 7 | Andreas Steffen | L1 - keyType: |
648 | 42 | Andreas Steffen | 'BLISS-B_IV' |
649 | 7 | Andreas Steffen | L1 - public: |
650 | 7 | Andreas Steffen | L1 - secret1: |
651 | 7 | Andreas Steffen | L1 - secret2: |
652 | 7 | Andreas Steffen | L0 - subjectPublicKeyInfo: |
653 | 7 | Andreas Steffen | L1 - algorithm: |
654 | 7 | Andreas Steffen | L2 - algorithmIdentifier: |
655 | 7 | Andreas Steffen | L3 - algorithm: |
656 | 1 | Andreas Steffen | 'blissPublicKey' |
657 | 7 | Andreas Steffen | L3 - parameters: |
658 | 7 | Andreas Steffen | L4 - blissKeyType: |
659 | 42 | Andreas Steffen | 'BLISS-B_IV' |
660 | 1 | Andreas Steffen | L1 - subjectPublicKey: |
661 | 7 | Andreas Steffen | |
662 | 1 | Andreas Steffen | mgf1 based on sha256 is seeded with 32 octets |
663 | 42 | Andreas Steffen | y1 = -991..766 (sigma2 = 76597, mean = -22.8) |
664 | 42 | Andreas Steffen | y2 = -1036..956 (sigma2 = 84979, mean = 4.5) |
665 | 42 | Andreas Steffen | norm2(s1*c') + norm2(s2*c') = 55310 (69576 max), accepted |
666 | 42 | Andreas Steffen | scalar(z1,s1*c) + scalar(z2,s2*c) = -66103, rejected |
667 | 11 | Andreas Steffen | |
668 | 42 | Andreas Steffen | mgf1 generated 10464 octets |
669 | 11 | Andreas Steffen | mgf1 based on sha256 is seeded with 32 octets |
670 | 42 | Andreas Steffen | y1 = -732..848 (sigma2 = 71245, mean = 2.6) |
671 | 42 | Andreas Steffen | y2 = -799..651 (sigma2 = 70586, mean = 20.7) |
672 | 42 | Andreas Steffen | norm2(s1*c') + norm2(s2*c') = 57406 (69576 max), accepted |
673 | 42 | Andreas Steffen | scalar(z1,s1*c) + scalar(z2,s2*c) = -35398, accepted |
674 | 11 | Andreas Steffen | |
675 | 42 | Andreas Steffen | z1 = -734..853, z2d = -3..3 |
676 | 11 | Andreas Steffen | |
677 | 42 | Andreas Steffen | efficiency of Huffman coder is 3.4180 bits/tuple (1750 bits) |
678 | 42 | Andreas Steffen | generated BLISS signature (6709 bits encoded in 839 bytes) |
679 | 42 | Andreas Steffen | signature generation needed 2 rounds |
680 | 11 | Andreas Steffen | |
681 | 42 | Andreas Steffen | mgf1 generated 10464 octets |
682 | 1 | Andreas Steffen | </pre> |
683 | 42 | Andreas Steffen | With a debug level of 2 you get quite a lot of debug information. Starting from the top, the automatic conversion from PEM to DER format is shown, followed by the ASN.1 encoding of the BLISS private key from which the BLISS public key is extracted. Then, in order to generate the BLISS certificate signature, rejection sampling is used to generate two vectors *y1* and *y2* with 512 random numbers that tightly follow a Gaussian probability distribution. This process often requires several rounds and consumes a lot of random bits. The BLISS signature finally consists of the random vectors *z1* and *z2* as well as the sparse challenge vector *c*. |
684 | 10 | Andreas Steffen | |
685 | 10 | Andreas Steffen | A BLISS certificate can be displayed at any time with |
686 | 1 | Andreas Steffen | <pre> |
687 | 1 | Andreas Steffen | pki --print --debug 2 --in cacert4.pem |
688 | 1 | Andreas Steffen | |
689 | 1 | Andreas Steffen | L0 - x509: |
690 | 1 | Andreas Steffen | L1 - tbsCertificate: |
691 | 1 | Andreas Steffen | L2 - DEFAULT v1: |
692 | 10 | Andreas Steffen | L3 - version: |
693 | 10 | Andreas Steffen | X.509v3 |
694 | 10 | Andreas Steffen | L2 - serialNumber: |
695 | 10 | Andreas Steffen | L2 - signature: |
696 | 10 | Andreas Steffen | L3 - algorithmIdentifier: |
697 | 10 | Andreas Steffen | L4 - algorithm: |
698 | 12 | Andreas Steffen | 'BLISS-with-SHA512' |
699 | 10 | Andreas Steffen | L2 - issuer: |
700 | 10 | Andreas Steffen | 'C=CH, O=strongSwan Project, CN=strongSwan BLISS Root CA' |
701 | 10 | Andreas Steffen | L2 - validity: |
702 | 11 | Andreas Steffen | L3 - notBefore: |
703 | 10 | Andreas Steffen | L4 - utcTime: |
704 | 42 | Andreas Steffen | 'Mar 15 16:58:01 UTC 2015' |
705 | 11 | Andreas Steffen | L3 - notAfter: |
706 | 10 | Andreas Steffen | L4 - utcTime: |
707 | 42 | Andreas Steffen | 'Mar 15 16:58:01 UTC 2025' |
708 | 1 | Andreas Steffen | L2 - subject: |
709 | 1 | Andreas Steffen | 'C=CH, O=strongSwan Project, CN=strongSwan BLISS Root CA' |
710 | 1 | Andreas Steffen | L2 - subjectPublicKeyInfo: |
711 | 1 | Andreas Steffen | -- > -- |
712 | 42 | Andreas Steffen | L0 - subjectPublicKeyInfo: |
713 | 42 | Andreas Steffen | L1 - algorithm: |
714 | 42 | Andreas Steffen | L2 - algorithmIdentifier: |
715 | 42 | Andreas Steffen | L3 - algorithm: |
716 | 42 | Andreas Steffen | 'blissPublicKey' |
717 | 42 | Andreas Steffen | L3 - parameters: |
718 | 42 | Andreas Steffen | L0 - subjectPublicKeyInfo: |
719 | 42 | Andreas Steffen | L1 - algorithm: |
720 | 42 | Andreas Steffen | L2 - algorithmIdentifier: |
721 | 42 | Andreas Steffen | L3 - algorithm: |
722 | 42 | Andreas Steffen | 'blissPublicKey' |
723 | 42 | Andreas Steffen | L3 - parameters: |
724 | 42 | Andreas Steffen | L4 - blissKeyType: |
725 | 42 | Andreas Steffen | 'BLISS-B_IV' |
726 | 42 | Andreas Steffen | L1 - subjectPublicKey: |
727 | 1 | Andreas Steffen | -- < -- |
728 | 11 | Andreas Steffen | L2 - optional extensions: |
729 | 11 | Andreas Steffen | L3 - extensions: |
730 | 1 | Andreas Steffen | L4 - extension: |
731 | 11 | Andreas Steffen | L5 - extnID: |
732 | 1 | Andreas Steffen | 'basicConstraints' |
733 | 1 | Andreas Steffen | L5 - critical: |
734 | 11 | Andreas Steffen | TRUE |
735 | 1 | Andreas Steffen | L5 - extnValue: |
736 | 11 | Andreas Steffen | L6 - basicConstraints: |
737 | 11 | Andreas Steffen | L7 - CA: |
738 | 10 | Andreas Steffen | TRUE |
739 | 1 | Andreas Steffen | L4 - extension: |
740 | 1 | Andreas Steffen | L5 - extnID: |
741 | 1 | Andreas Steffen | 'keyUsage' |
742 | 1 | Andreas Steffen | L5 - critical: |
743 | 10 | Andreas Steffen | TRUE |
744 | 11 | Andreas Steffen | L5 - extnValue: |
745 | 10 | Andreas Steffen | L4 - extension: |
746 | 10 | Andreas Steffen | L5 - extnID: |
747 | 12 | Andreas Steffen | 'subjectKeyIdentifier' |
748 | 12 | Andreas Steffen | L5 - critical: |
749 | 11 | Andreas Steffen | FALSE |
750 | 11 | Andreas Steffen | L5 - extnValue: |
751 | 11 | Andreas Steffen | L6 - keyIdentifier: |
752 | 10 | Andreas Steffen | L1 - signatureAlgorithm: |
753 | 10 | Andreas Steffen | L2 - algorithmIdentifier: |
754 | 21 | Andreas Steffen | L3 - algorithm: |
755 | 10 | Andreas Steffen | 'BLISS-with-SHA512' |
756 | 13 | Andreas Steffen | L1 - signatureValue: |
757 | 11 | Andreas Steffen | |
758 | 42 | Andreas Steffen | z1 = -734..853, z2d = -3..3 |
759 | 12 | Andreas Steffen | |
760 | 12 | Andreas Steffen | cert: X509 |
761 | 11 | Andreas Steffen | subject: "C=CH, O=strongSwan Project, CN=strongSwan BLISS Root CA" |
762 | 1 | Andreas Steffen | issuer: "C=CH, O=strongSwan Project, CN=strongSwan BLISS Root CA" |
763 | 42 | Andreas Steffen | validity: not before Mar 15 17:58:01 2015, ok |
764 | 42 | Andreas Steffen | not after Mar 15 17:58:01 2025, ok (expires in 3652 days) |
765 | 42 | Andreas Steffen | serial: 55:9c:dd:7d:32:89:99:a8 |
766 | 42 | Andreas Steffen | flags: CA CRLSign self-signed |
767 | 42 | Andreas Steffen | subjkeyId: 47:bd:9e:5e:a8:58:ce:60:14:73:f3:54:7c:e8:28:10:7b:e6:c7:65 |
768 | 1 | Andreas Steffen | pubkey: BLISS 192 bits strength |
769 | 42 | Andreas Steffen | keyid: 1c:a7:5c:94:d1:ee:f6:c7:94:21:18:e5:ef:89:b3:c3:64:42:24:97 |
770 | 42 | Andreas Steffen | subjkey: 47:bd:9e:5e:a8:58:ce:60:14:73:f3:54:7c:e8:28:10:7b:e6:c7:65 |
771 | 16 | Andreas Steffen | </pre> |
772 | 12 | Andreas Steffen | |
773 | 12 | Andreas Steffen | h2. BLISS End Entity Certificate Generation |
774 | 12 | Andreas Steffen | |
775 | 12 | Andreas Steffen | We are now going to generate a BLISS-I key pair for user Carol: |
776 | 12 | Andreas Steffen | <pre> |
777 | 12 | Andreas Steffen | pki --gen --type bliss --size 1 > carolKey.der |
778 | 12 | Andreas Steffen | |
779 | 42 | Andreas Steffen | secret key generation succeeded after 1 trial |
780 | 12 | Andreas Steffen | </pre> |
781 | 12 | Andreas Steffen | Next we create a self-signed PKCS#10 certificate request |
782 | 12 | Andreas Steffen | <pre> |
783 | 12 | Andreas Steffen | pki --req --type bliss --in carolKey.der --dn "C=CH, O=strongSwan Project, CN=carol@strongswan.org" --san carol@strongswan.org > carolReq.der |
784 | 12 | Andreas Steffen | </pre> |
785 | 13 | Andreas Steffen | which is used as the input for the CA to create a signed end entity certificate: |
786 | 12 | Andreas Steffen | <pre> |
787 | 12 | Andreas Steffen | pki --issue --type pkcs10 --in carolReq.der --cacert cacert4.pem --cakey cakey4.pem --crl http://crl.strongswan.org/bliss.crl --flag clientAuth > carolCert.der |
788 | 12 | Andreas Steffen | </pre> |
789 | 13 | Andreas Steffen | and which has the following content |
790 | 12 | Andreas Steffen | <pre> |
791 | 12 | Andreas Steffen | pki --print --in carolCert.der |
792 | 12 | Andreas Steffen | |
793 | 12 | Andreas Steffen | cert: X509 |
794 | 12 | Andreas Steffen | subject: "C=CH, O=strongSwan Project, CN=carol@strongswan.org" |
795 | 1 | Andreas Steffen | issuer: "C=CH, O=strongSwan Project, CN=strongSwan BLISS Root CA" |
796 | 42 | Andreas Steffen | validity: not before Mar 15 18:04:00 2015, ok |
797 | 42 | Andreas Steffen | not after Mar 14 18:04:00 2018, ok (expires in 1094 days) |
798 | 42 | Andreas Steffen | serial: 43:63:44:f0:7f:2f:aa:dc |
799 | 1 | Andreas Steffen | altNames: carol@strongswan.org |
800 | 42 | Andreas Steffen | flags: clientAuth |
801 | 12 | Andreas Steffen | CRL URIs: http://crl.strongswan.org/bliss.crl |
802 | 42 | Andreas Steffen | authkeyId: 47:bd:9e:5e:a8:58:ce:60:14:73:f3:54:7c:e8:28:10:7b:e6:c7:65 |
803 | 42 | Andreas Steffen | subjkeyId: cb:b5:c3:d5:00:ba:bb:90:ec:80:99:05:68:72:ae:3b:04:f8:9b:5f |
804 | 12 | Andreas Steffen | pubkey: BLISS 128 bits strength |
805 | 42 | Andreas Steffen | keyid: f5:0e:6e:0c:4c:65:ac:03:41:bf:5c:9f:26:d5:52:dc:87:6b:3d:15 |
806 | 42 | Andreas Steffen | subjkey: cb:b5:c3:d5:00:ba:bb:90:ec:80:99:05:68:72:ae:3b:04:f8:9b:5f |
807 | 13 | Andreas Steffen | </pre> |
808 | 13 | Andreas Steffen | |
809 | 36 | Andreas Steffen | h2. IKEv2 Public Key Authentication using BLISS Signatures |
810 | 15 | Andreas Steffen | |
811 | 15 | Andreas Steffen | The "ikev2/rw-ntru-bliss":http://www.strongswan.org/uml/testresults5/ikev2/rw-ntru-bliss/ strongSwan remote-access VPN scenario shows the practical use of IKEv2 public key authentication based on BLISS signatures. The larger size of the BLISS signatures and certificates compared to RSA is not a problem because IKEv2 Message Fragmentation ("RFC 7383":http://tools.ietf.org/html/rfc7383) is being used: |
812 | 14 | Andreas Steffen | |
813 | 14 | Andreas Steffen | IKE_AUTH Request |
814 | 14 | Andreas Steffen | <pre> |
815 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 13[IKE] sending end entity cert "C=CH, O=Linux strongSwan, OU=BLISS I, CN=carol@strongswan.org" |
816 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 13[IKE] establishing CHILD_SA home |
817 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 13[ENC] generating IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) CERTREQ IDr AUTH CPRQ(ADDR) SA TSi TSr N(MOBIKE_SUP) N(ADD_6_ADDR) N(MULT_AUTH) N(EAP_ONLY) ] |
818 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 13[ENC] splitting IKE message with length of 3232 bytes into 3 fragments |
819 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 13[ENC] generating IKE_AUTH request 1 [ EF ] |
820 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 13[ENC] generating IKE_AUTH request 1 [ EF ] |
821 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 13[ENC] generating IKE_AUTH request 1 [ EF ] |
822 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 13[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (1460 bytes) |
823 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 13[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (1460 bytes) |
824 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 13[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (452 bytes) |
825 | 15 | Andreas Steffen | </pre> |
826 | 14 | Andreas Steffen | |
827 | 14 | Andreas Steffen | IKE_AUTH Response |
828 | 14 | Andreas Steffen | <pre> |
829 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 14[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1460 bytes) |
830 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 14[ENC] parsed IKE_AUTH response 1 [ EF ] |
831 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 14[ENC] received fragment #1 of 3, waiting for complete IKE message |
832 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 14[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1460 bytes) |
833 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 14[ENC] parsed IKE_AUTH response 1 [ EF ] |
834 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 14[ENC] received fragment #2 of 3, waiting for complete IKE message |
835 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 15[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (580 bytes) |
836 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 15[ENC] parsed IKE_AUTH response 1 [ EF ] |
837 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 15[ENC] received fragment #3 of 3, reassembling fragmented IKE message |
838 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 15[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH CPRP(ADDR) SA TSi TSr N(AUTH_LFT) N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_6_ADDR) N(ADD_6_ADDR) ] |
839 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 15[IKE] received end entity cert "C=CH, O=Linux strongSwan, OU=BLISS IV, CN=moon.strongswan.org" |
840 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 15[CFG] using certificate "C=CH, O=Linux strongSwan, OU=BLISS IV, CN=moon.strongswan.org" |
841 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 15[CFG] using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan BLISS Root CA" |
842 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 15[CFG] checking certificate status of "C=CH, O=Linux strongSwan, OU=BLISS IV, CN=moon.strongswan.org" |
843 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 15[CFG] fetching crl from 'http://crl.strongswan.org/strongswan_bliss.crl' ... |
844 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 15[CFG] using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan BLISS Root CA" |
845 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 15[CFG] crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan BLISS Root CA" |
846 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 15[CFG] crl is valid: until Apr 14 11:08:14 2015 |
847 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 15[CFG] certificate status is good |
848 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 15[CFG] reached self-signed root ca with a path length of 0 |
849 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 15[IKE] authentication of 'moon.strongswan.org' with BLISS_WITH_SHA512 successful |
850 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 15[IKE] IKE_SA home[1] established between 192.168.0.100[carol@strongswan.org]...192.168.0.1[moon.strongswan.org] |
851 | 15 | Andreas Steffen | </pre> |
852 | 15 | Andreas Steffen | By the way, the key exchange method used is [[NTRU|NTRU Encryption]], so the strongSwan IPsec connection setup is not vulnerable to key attacks based on quantum computers: |
853 | 14 | Andreas Steffen | |
854 | 1 | Andreas Steffen | IKE_SA_INIT Request |
855 | 1 | Andreas Steffen | <pre> |
856 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 12[IKE] initiating IKE_SA home[1] to 192.168.0.1 |
857 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 12[LIB] 128 bit optimum NTRU parameter set ees439ep1 selected |
858 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 12[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) V ] |
859 | 43 | Andreas Steffen | Mar 15 12:18:03 carol charon: 12[NET] sending packet: from 192.168.0.100[500] to 192.168.0.1[500] (829 bytes) |
860 | 1 | Andreas Steffen | </pre> |
861 | 1 | Andreas Steffen | |
862 | 1 | Andreas Steffen | h2. Design Details on BLISS Signatures |
863 | 1 | Andreas Steffen | |
864 | 16 | Andreas Steffen | * For Gaussian sampling we are using a Bernoulli Sampler as described in "Lattice Signatures and Bimodal Gaussians":https://eprint.iacr.org/2013/383, but currently not a Cumulative Distribution Table (CDT). This means that the Gaussian rejection sampling currently requires a lot of random material, which is produced using the "MGF1":https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libstrongswan/crypto/mgf1/mgf1.h Mask Generation Function ("RFC 2437":http://tools.ietf.org/html/rfc2437#section-10.2.1) seeded by a true random source. The hash function used with MGF1 is currently SHA-1 for cryptographic strengths up to 160 bits and SHA-256 for strengths up to 256 bits, but we are thinking about switching to SHA-512 in general, since that hash function is used for the random oracle of the BLISS signature anyway and SHA-512 performance is usually superior to SHA-256 on 64-bit platforms. |
865 | 16 | Andreas Steffen | |
866 | 16 | Andreas Steffen | * In order to minimize the BLISS signature size, a set of [[BlissHuffmanCodes|Huffman Codes]] is used to encode the tuples (abs(z1[i]) >> 8, z2d[i]), with i = 0 .. 511. The sign and lower 8 bits of z1[i] are encoded using a fixed 9 bit field as described by Thomas Pöppelmann, Léo Ducas and Tim Güneysu in "Enhanced Lattice-Based Signatures on Reconfigurable Hardware":http://eprint.iacr.org/2014/254.pdf. |
867 | 19 | Andreas Steffen | |
868 | 19 | Andreas Steffen | * Measured BLISS Signature Size* |
869 | 35 | Andreas Steffen | |
870 | 1 | Andreas Steffen | |Scheme |Bit-packed |Partially Huffman-coded |Compression Rates | |
871 | 35 | Andreas Steffen | |BLISS-I |>.7375 bits |>.5718 .. 5793 .. 5884 bits |>.22.5 .. 21.4 .. 20.2 % | |
872 | 33 | Andreas Steffen | |BLISS-III |>.7950 bits |>.6093 .. 6167 .. 6255 bits |>.23.4 .. 22.4 .. 21.3 % | |
873 | 34 | Andreas Steffen | |BLISS-IV |>.8543 bits |>.6644 .. 6725 .. 6784 bits |>.22.3 .. 21.3 .. 20.6 % | |
874 | 34 | Andreas Steffen | |
875 | 34 | Andreas Steffen | *statistics based on a measurement set of 50 signatures, each |
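The coefficient split described in the Huffman bullet above, as an added Python example that is not strongSwan code: each z1[i] contributes a fixed 9-bit field (sign and lower 8 bits) and the tuple (abs(z1[i]) >> 8, z2d[i]) is Huffman-coded, and the decoder reverses both steps. The example builds its own Huffman code from a constructed sample instead of using the project's [[BlissHuffmanCodes]] tables; the interleaved bit layout, the sample values and kappa = 39 challenge indices of 9 bits each (which accounts for the 6709 bits in the debug output above) are assumptions.

```python
import heapq
import random
from collections import Counter

N = 512  # coefficients per vector, as on the page

def split(z1, z2d):
    """Per coefficient: fixed 9-bit field (sign, low 8 bits) and Huffman tuple."""
    fixed = [((a < 0) << 8) | (abs(a) & 0xFF) for a in z1]
    tuples = [(abs(a) >> 8, d) for a, d in zip(z1, z2d)]
    return fixed, tuples

def huffman_code(symbols):
    """Build a prefix code {symbol: bitstring} from the symbol frequencies."""
    freq = Counter(symbols)
    if len(freq) == 1:
        return {next(iter(freq)): "0"}
    heap = [(w, n, {s: ""}) for n, (s, w) in enumerate(sorted(freq.items()))]
    heapq.heapify(heap)
    tie = len(heap)  # unique tie-breaker so the dicts are never compared
    while len(heap) > 1:
        w0, _, c0 = heapq.heappop(heap)
        w1, _, c1 = heapq.heappop(heap)
        merged = {s: "0" + b for s, b in c0.items()}
        merged.update({s: "1" + b for s, b in c1.items()})
        heapq.heappush(heap, (w0 + w1, tie, merged))
        tie += 1
    return heap[0][2]

def encode(z1, z2d, code):
    """Assumed layout: 9-bit field followed by the Huffman code, per coefficient."""
    fixed, tuples = split(z1, z2d)
    return "".join(format(f, "09b") + code[t] for f, t in zip(fixed, tuples))

def decode(bits, code, n=N):
    """Strict decoder: rejects truncation, trailing bits and a signed zero."""
    lookup = {b: s for s, b in code.items()}
    z1, z2d, pos = [], [], 0
    for _ in range(n):
        field = int(bits[pos:pos + 9], 2)
        pos += 9
        end = pos + 1
        while bits[pos:end] not in lookup:
            end += 1
            if end > len(bits):
                raise ValueError("truncated or invalid Huffman code")
        hi, d = lookup[bits[pos:end]]
        pos = end
        mag = (hi << 8) | (field & 0xFF)
        if field >> 8 and mag == 0:
            raise ValueError("non-canonical encoding: negative zero")
        z1.append(-mag if field >> 8 else mag)
        z2d.append(d)
    if pos != len(bits):
        raise ValueError("trailing bits after last coefficient")
    return z1, z2d

def sample_signature(seed=1, sigma=277.0):
    """Constructed sample vectors; sigma is roughly sqrt(sigma2) from the log."""
    rng = random.Random(seed)
    z1 = [int(round(rng.gauss(0, sigma))) for _ in range(N)]
    z2d = [max(-3, min(3, int(round(rng.gauss(0, 1.0))))) for _ in range(N)]
    return z1, z2d

def signature_bits(huffman_bits, kappa, n=N):
    """Total size: n fixed 9-bit fields + Huffman part + kappa 9-bit indices."""
    return n * 9 + huffman_bits + kappa * 9

if __name__ == "__main__":
    z1, z2d = sample_signature()
    code = huffman_code(split(z1, z2d)[1])
    bits = encode(z1, z2d, code)
    huff = len(bits) - 9 * N
    print(f"Huffman part: {huff} bits ({huff / N:.4f} bits/tuple)")
    print(f"round trip ok: {decode(bits, code) == (z1, z2d)}")
    print(f"size with the page's 1750 Huffman bits: {signature_bits(1750, 39)} bits")
```
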
876 | 1 | Andreas Steffen | |
877 | 35 | Andreas Steffen | h2. ASN.1 Syntax |
878 | 35 | Andreas Steffen | |
879 | 23 | Andreas Steffen | h3. Object Identifiers |
880 | 23 | Andreas Steffen | |
881 | 23 | Andreas Steffen | <pre> |
882 | 26 | Andreas Steffen | id-bliss { iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) ita(36906) bliss(5) } |
883 | 26 | Andreas Steffen | |
884 | 26 | Andreas Steffen | keyType { id-bliss 1 } |
885 | 26 | Andreas Steffen | |
886 | 26 | Andreas Steffen | blissPublicKey { keyType 1 } |
887 | 26 | Andreas Steffen | |
888 | 26 | Andreas Steffen | parameters { id-bliss 2 } |
889 | 26 | Andreas Steffen | |
890 | 43 | Andreas Steffen | bliss-I = { parameters 1 } |
891 | 43 | Andreas Steffen | bliss-II = { parameters 2 } |
892 | 43 | Andreas Steffen | bliss-III = { parameters 3 } |
893 | 43 | Andreas Steffen | bliss-IV = { parameters 4 } |
894 | 43 | Andreas Steffen | bliss-B-I = { parameters 5 } |
895 | 43 | Andreas Steffen | bliss-B-II = { parameters 6 } |
896 | 43 | Andreas Steffen | bliss-B-III = { parameters 7 } |
897 | 43 | Andreas Steffen | bliss-B-IV = { parameters 8 } |
898 | 26 | Andreas Steffen | |
899 | 27 | Andreas Steffen | blissSigType = { id-bliss 3 } |
900 | 26 | Andreas Steffen | |
901 | 27 | Andreas Steffen | blissWithSha512 = { blissSigType 1 } |
902 | 47 | Andreas Steffen | blissWithSha384 = { blissSigType 2 } |
903 | 47 | Andreas Steffen | blissWithSha256 = { blissSigType 3 } |
904 | 23 | Andreas Steffen | </pre> |
905 | 23 | Andreas Steffen | |
906 | 23 | Andreas Steffen | h3. BLISS Private Key |
907 | 23 | Andreas Steffen | |
908 | 27 | Andreas Steffen | <pre> |
909 | 27 | Andreas Steffen | BlissPrivateKey ::= SEQUENCE { |
910 | 27 | Andreas Steffen | parameter OBJECT IDENTIFIER, |
911 | 27 | Andreas Steffen | public BIT STRING, -- A |
912 | 23 | Andreas Steffen | secret1 BIT STRING, -- s1 |
913 | 23 | Andreas Steffen | secret2 BIT STRING } -- s2 |
914 | 29 | Andreas Steffen | </pre> |
915 | 1 | Andreas Steffen | |
916 | 44 | Andreas Steffen | As *parameter* one of the BLISS parameter OIDs *bliss-B-I* .. *bliss-B-IV* is used. |
917 | 29 | Andreas Steffen | |
918 | 1 | Andreas Steffen | h3. BLISS Public Key |
919 | 28 | Andreas Steffen | |
920 | 28 | Andreas Steffen | <pre> |
921 | 28 | Andreas Steffen | SubjectPublicKeyInfo ::= SEQUENCE { |
922 | 1 | Andreas Steffen | algorithm AlgorithmIdentifier, |
923 | 28 | Andreas Steffen | subjectPublicKey BIT STRING } |
924 | 28 | Andreas Steffen | |
925 | 28 | Andreas Steffen | AlgorithmIdentifier ::= SEQUENCE { |
926 | 23 | Andreas Steffen | algorithm OBJECT IDENTIFIER, |
927 | 1 | Andreas Steffen | parameters OBJECT IDENTIFIER } |
928 | 30 | Andreas Steffen | </pre> |
929 | 23 | Andreas Steffen | |
930 | 44 | Andreas Steffen | As *algorithm* the *blissPublicKey* OID is used and *parameters* indicates one of the BLISS parameter OIDs *bliss-B-I* .. *bliss-B-IV*. |
931 | 45 | Andreas Steffen | |
932 | 45 | Andreas Steffen | h2. References |
933 | 45 | Andreas Steffen | |
934 | 46 | Andreas Steffen | * "BLISS Home":http://bliss.di.ens.fr/ at ENS (École Normale Supérieure) |
935 | 46 | Andreas Steffen | |
936 | 45 | Andreas Steffen | * "Practical Lattice-based Digital Signature Schemes":http://csrc.nist.gov/groups/ST/post-quantum-2015/presentations/session9-oneill-maire.pdf, NIST Workshop on Cybersecurity in a Post-Quantum World |
937 | 1 | Andreas Steffen |