[Cryptography] Is ASN.1 still the thing?

Ron Garret ron at flownet.com
Sat Nov 25 20:18:19 EST 2017


On Nov 24, 2017, at 11:36 PM, John-Mark Gurney <jmg at funkthat.com> wrote:

> Ron Garret wrote this message on Mon, Nov 13, 2017 at 18:11 -0800:
>> On Nov 13, 2017, at 6:20 AM, David Wong <davidwong.crypto at gmail.com> wrote:
>> 
>>> If you want something fast (binary), but don't want the awfulness of
>>> ASN.1 I believe google's protobuf is the state of the art solution. Or
>>> better, you can have a fixed structure (with fixed sized fields) and I
>>> believe this is what Wireguard does.
>> 
>> I got fed up with the complexity of ASN.1 and DER and designed my own binary serialization format for my implementation of the Signal double-ratchet.  The only documentation is in the in-line comments of the original implementation, which was done in Common Lisp:
>> 
>> https://github.com/rongarret/tweetnacl/blob/master/ratchet.lisp
>> 
>> Docs start at line 82.  The Javascript version is at:
>> 
>> https://github.com/rongarret/ratchet-js
>> 
>> The format is not quite unambiguous.  Binary fields whose length is a power of 2 can be encoded in two different ways.  But that is the only ambiguity, and it could easily be fixed if needed.
>> 
>> Feedback would be very much appreciated.
> 
> My feedback:
> Please don't advertise this.

I haven’t.

> The reason being that it will just muddy the waters of an already
> confusing landscape, and doesn't have types needed for modern data
> interchange like datetime, floating point, or arbitrary key-value
> dictionaries (yes, you have classes, but no, they aren't arbitrary)..

Well, this format is not intended for “modern data interchange”, it’s intended for encoding data for crypto protocols, so it’s intentionally minimal.  The idea is to keep the potential attack surface as small as possible.  It’s intended for encoding message headers, not payload data.  I’m not aware of any crypto protocols that require floats or arbitrary dictionaries.  Some protocols require time stamps but there are too many different ways to encode those to bake one format into the standard.  If you need a datetime you can either encode it as an integer, or define a structure type for it.

BTW, it’s actually pretty straightforward to send arbitrary key-value dictionaries using my encoding: all you have to do is define a key-value structure, and then assemble a list of those.

rg



More information about the cryptography mailing list