I would like to know if there is any standard for storing public and private keys for Schnorr signature
Asked
Active
Viewed 160 times
0
-
1There are many variants of Schnorr signatures, on different kinds of groups; see e.g. this. Does the context specify something, like the group used? – fgrieu Jul 30 '21 at 10:28
1 Answers
1
There is none. Schnorr's signature had only ever been academically described, so no standard for it there is all variaty of potentially incompatible specifications for it, lacking a uniform standard. There was standard for ElGamel encryption when NIST was running the OSI Implementor's Workshop, but it wasn't widely used.
There is however, EdDSA, which is a composition of Edwards elliptic curve with Schnorr's signature. It's specified in RFC-8032.
Of course, lacking a uniform standard doesn't prevent us from storing private key as big-endian integers and public keys as big-endian integers or elliptic curve points. All you need is to choose an existing standard (e.g. PKCS#3, SEC#1, IEEE-1363, ISO/IEC-14888-3, etc.) and apply its encoding to the academic version of Schnorr.
DannyNiu
- 9,207
- 2
- 24
- 57
-
Can't agree with "no standard for it". There are too many! For example; ISO/IEC 14888-3 standardizes "Elliptic Curve Schnorr Digital Signature Algorithm" as EC-SDSA [OID 1.0.14888.3.0.11] with variant EC-SDSA-opt [OID 1.0.14888.3.0.13], and EC-FSDSA [OID 1.0.14888.3.0.12]. EC-SDSA-opt is endorsed by ETSI, and BSI also an ECSDSA (with a fix). I was told one of these is used in a Smart Card application. – fgrieu Jul 30 '21 at 10:49
-
1
-
Ok, but i would like to know if there is any known way to save and store the Schnorr keys like you would do with ECDSA's or RSA's – Razvan Marian Jul 30 '21 at 13:39
-