Author

Topic: [NEW Software] Fast Sign Verify (Read 2627 times)

hero member
Activity: 854
Merit: 658
rgbkey.github.io/pgp.txt
August 30, 2015, 12:57:22 PM
#16
Its nice that you provided the source, but its my opinion that tools like these are better done through websites where client side JavaScript can be easily checked.
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
August 30, 2015, 12:21:42 PM
#15
I tried to sign a message but there is no field to put the private key so i get error.
 -snip-

Input the private key where you input the address when you sign.
hero member
Activity: 504
Merit: 500
August 30, 2015, 09:41:54 AM
#14
Very nice software.

I think its great for quickly checking messages but not so sure about security when it comes to signing messages.

In order to do so means that you need to copy the private key to be used and that means that your private key will be on the clipboard and in memory and on a compromised computer that could mean compromising your wallet.

I make use of a Trezor together with Electrum so I'll just keep on using that setup to sign any messages as there is no need to 'export' a private key and as such less risk of it being compromised on my pc.

I tried to sign a message but there is no field to put the private key so i get error.
Btw when you copy the private key yes it remains in your memory but after restarting your pc the memory will be cleared.
sr. member
Activity: 336
Merit: 251
August 30, 2015, 08:35:54 AM
#13
Very nice software.

I think its great for quickly checking messages but not so sure about security when it comes to signing messages.

In order to do so means that you need to copy the private key to be used and that means that your private key will be on the clipboard and in memory and on a compromised computer that could mean compromising your wallet.

I make use of a Trezor together with Electrum so I'll just keep on using that setup to sign any messages as there is no need to 'export' a private key and as such less risk of it being compromised on my pc.
hero member
Activity: 504
Merit: 500
August 30, 2015, 08:33:20 AM
#12
Thanks for your support.

I think my software wasn't useful at the time of brainwallet. Now that the web service is closed, FSV seems more useful indeed.

Even if you have Electrum, FSV is much much more faster than Electrum. Also for verification, you don't need to fill every fields. Just paste in the text field the whole signature (PGP style with ----) and it will automatically extract the info. So you just need to paste and click on Verify.

If you use FSV and/or want to promote it, you can RT this Tweet :
https://twitter.com/a_ferron/status/637639550140088321

 

It was almost a year and no comment in this thread so i chose to comment and share my experience which the software make its job. May i know if you can release for android app, maybe will not require to many resources to develop for android market.
full member
Activity: 145
Merit: 102
August 30, 2015, 07:40:15 AM
#11
Thanks for your support.

I think my software wasn't useful at the time of brainwallet. Now that the web service is closed, FSV seems more useful indeed.

Even if you have Electrum, FSV is much much more faster than Electrum. Also for verification, you don't need to fill every fields. Just paste in the text field the whole signature (PGP style with ----) and it will automatically extract the info. So you just need to paste and click on Verify.

If you use FSV and/or want to promote it, you can RT this Tweet :
https://twitter.com/a_ferron/status/637639550140088321

 
legendary
Activity: 1106
Merit: 1000
August 30, 2015, 02:35:58 AM
#10
Great! the developer is must promote this service more intensively, although actually for who have desktop wallet like Electrum on their PC is enough to make a sign message or sign verify, but for thoose who don't have, it's great. good job.
hero member
Activity: 504
Merit: 500
August 29, 2015, 09:39:02 AM
#9
Since brainwallet which i used to verify signed messages is permanently closed then i found this thread and i can say that it is still working to verify signed message.
full member
Activity: 145
Merit: 102
December 22, 2014, 02:27:48 PM
#8
New version v0.40

Windows or Linux/MacOSX

  • Inverse Modular speed up : p primality leads to some optimization : +30% for EC computation
  • Others minor optimizations

Overall speed is 25% faster from previous version.

For now, speed difference for message signature from Electrum (v1.9.8 ) :
Signature   : 10x
Verification :  2x

I consider a fork of Electrum focus on speed "Sparknum", as any EC computation would have this speed up figures if backporting to Electrum.


full member
Activity: 145
Merit: 102
June 16, 2014, 06:10:41 PM
#7
New version v0.30

Windows or Linux/MacOSX

  • Deterministic signature added
  • kG table for faster signing (speed up +46%)
  • No need sig check while checking (speed up +28%)
  • Test vectors and batch checking in ECDSA_BTC
  • Canonical Signature enforced when signing
full member
Activity: 145
Merit: 102
May 26, 2014, 04:22:17 PM
#6
New version v0.14   ( GitHub )

Windows or Linux/MacOSX

  • Signature checking speed up by 25% with double-scalar multiplication ( "Shamir's trick" ).


full member
Activity: 145
Merit: 102
May 25, 2014, 06:23:40 PM
#5
New version v0.12   ( GitHub )

Windows or Linux/MacOSX

  • Waiting messages added
  • Small graphical changes
  • Dont copy signature if error
full member
Activity: 145
Merit: 102
May 24, 2014, 08:45:47 AM
#4
Based on the name of the tool I would guess that the main reason to use this one is speed. How fast is it compared to openssl?

I understand that this software may be simpler to verify than some existing signers. But if it used  openssl which is used everywhere I would say that it would get even better verification. Openssl already had a lot of experts look at it. If this tool does not get such security review, what is the actual benefit of it?

This is not so much faster than openssl. It's named "fast" because one can run it and use it in a simple way and quickly. You can't really compare with openssl as FSV processes Bitcoin signature (magic message, address hashes,..). For verifying, you just paste and click. No need to run a thin nor thick bitcoin client.
FSV is pretty slow for signing or verifying but written in Python it is easier to look at the code and be confident, this is pure python so one can verify everything.

Also this is cross-platform, it can be ran easily on Windows, Linux, or MacOSX.

The main goal is not speed but simplicity, it is light and easy to use, like "one-click" (so at the end, globally this is faster).
full member
Activity: 120
Merit: 100
May 24, 2014, 02:41:52 AM
#3
Based on the name of the tool I would guess that the main reason to use this one is speed. How fast is it compared to openssl?

I understand that this software may be simpler to verify than some existing signers. But if it used  openssl which is used everywhere I would say that it would get even better verification. Openssl already had a lot of experts look at it. If this tool does not get such security review, what is the actual benefit of it?
full member
Activity: 145
Merit: 102
May 23, 2014, 09:09:58 PM
#2
[ Reserved ]

 Cool
full member
Activity: 145
Merit: 102
May 23, 2014, 09:08:05 PM
#1
A new project to make bitcoin enthusiast life easier.

Fast Sign & Verify   "FSV"

This tool can sign or verify a bitcoin signature really easily. It provides one-click checking of signed messages.
It is like Brainwallet but in your PC, no need to have an Internet connection nor to open a web-browser.
This is a open-source software for PC which is focused on ECDSA Bitcoin signature. Some similar tools can exist but this one is really fast, small and easy to use.

The goal is to have a little software that everyone can rely on, to check signature in an easy manner, or sign a message and generate a "PGP like" code ready to paste on forum, in emails, in private message, etc... Then one can verify it just pasting it and click to verify.





Installation :

Linux
Ubuntu (Debian, Xubuntu, Mint, …)
Code:
sudo apt-get install python-wxgtk2.8 python-wxtools wx2.8-i18n
wget http://github.com/antonio-fr/Fast_Sign_Verify/archive/0.40.tar.gz
tar -xvzf v0.40.tar.gz

Fedora / CentOS (Red Hat Linux)
Code:
sudo yum install wxPython
curl -OL http://github.com/antonio-fr/Fast_Sign_Verify/archive/0.40.tar.gz
tar -xvzf v0.40.tar.gz

Then run main.py in Fast_Sign_Verify-0.40 directory like:
Code:
cd Fast_Sign_Verify-0.40
python2.7 main.py


Windows : Get the zip here: ( For XP, Vista, 7, 8, and 8.1 )
http://github.com/antonio-fr/Fast_Sign_Verify/releases/download/0.40/FSV_v040.zip
Unzip and run FSV.exe


On other platforms:
Needs Python 2.7 and WxPython >= 2.8



Usage:

For signing:
Enter a message and a private key (WIF, base58chk).
The private key (for now) cannot be compressed, WIF form "5xPyRzIaVbAcTdEeKfEgY..." is required.
You can chose deterministic signing or standard random signature.
Signature will appear in "signature" field after clicking on "SIGN".
( For now, I don't recommend signing without deterministic in Windows. )

You can copy in clipboard the signature alone (COPY button) or the full signature with "Copy ALL". This will fill the clipboard with "PGP style" signature that you can copy directly in your email, forum message, messenger, etc...



For checking:
Enter :
  • The message
  • A public key (base58chk)
  • A signature (base64)

You can also paste a full message "PGP like" in message field (no need to fill Address nor Signature field.)
It automagically detects the format between these two:

1) Simple "input.io" style
Code:
---- MESSAGE HEADER ----
message signed
is here
---- SIG HEADER ----
1AddressBitcoin
SignatureBase64=
---- END FOOTER ----

2) "Qt1.0" style, Multibit
Code:
---- MESSAGE HEADER ----
message signed
is here
---- SIG HEADER ----
Version: Info
Address: 1AddressBitcoin

SignatureBase64=
---- END FOOTER ----

If you have any other format, you have to enter in the dedicated fields. For example when message is signed with Electrum or official bitcoin client, most of the time you have to enter in 3 fields (message, address and signature).  


Speed Comparison : (time in seconds, lower is better)
Software   Signature     Checking    
Electrum  5.902.00
FSV 0.12  1.101.90
FSV 0.141.101.60
FSV 0.300.751.25
FSV 0.400.610.97
Electrum is not the fastest avalaible,
it is used as a reference since this is also pure python software.


  Why trust this software about reliability, security and accuracy?
I use this tool, I design it for myself. In a way you need to trust me, but also you can look at the code to see everything is right. For message signature or checking this is excellent: easy to use and reliable.


   Why is it written in Python? In C it could be 10000x faster?
- With Python everybody can check and trust this software from sources.
- This is multi-platform, no need binary compilation for each platform.
- I have some skills in Python btw.


Future Improvements
  • Private key import wizard (wallet.dat, DER, ...)
  • Signature export and import options (format, PKCS,...)
  • Private key, address, options saving
  • BTChip integration (signing with USB keycard)


I need to know what is your main source of private key.
Every remarks, ideas, improvement needs are welcome!


Licence GPLv3

Sources:
https://github.com/antonio-fr/Fast_Sign_Verify



Jump to: