
Comments (2)

chjj commented on August 11, 2024

So, there's actually 3 parties involved here: the challenger, the signer, and the verifier. The challenger has access to the signer's RSA public key, but they want to ensure that the verifier does not. This is a problem because the verifier obviously needs something to verify the signature against.

The challenger generates a random scalar s which is used to commit to the modulus n of the signer's regular RSA pubkey ((g^n * h^s) mod m where m is a public RSA modulus with an unknown factorization). That commitment is C1 and is published publicly so the verifier has access to it. The trick here is that C1 does not reveal n. The challenger then encrypts this scalar and "sends" it to the signer ("send" may not be the right word, see below).

This scheme assumes that the signer trusts the challenger to retain the privacy of their RSA modulus.

The main benefit here (aside from privacy on the verification side) is that this scheme is non-interactive and requires no back-and-forth between the challenger and signer. The challenger can generate this encrypted scalar and post it somewhere for the signer to find later.

edit: Also a note about encryption -- the goo.encrypt function will "inflate" the ciphertext by a random factor to avoid leaking the size of the signer's RSA modulus (this is important if the encrypted payload is posted publicly). All ciphertexts produced by goo.encrypt are constant size. Other than that, it's standard RSA-OAEP encryption.

from goosig.
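
The commitment described in the comment above, as an added example that is not part of the original thread and not goosig's own code: it computes C1 = (g^n * h^s) mod m with BigInt and checks an opening against it. The values of g, h, m and n, the scalar size, and the function names are constructed assumptions; m is built from known primes here, which the real scheme must not allow.

```javascript
const crypto = require('crypto');

// Constructed toy parameters (assumptions, not goosig's real constants).
// In the scheme, m is a public RSA modulus whose factorization nobody knows;
// here it is the product of two known Mersenne primes so the example runs offline.
const m = (2n ** 107n - 1n) * (2n ** 127n - 1n);
const g = 2n;
const h = 3n;

// Square-and-multiply modular exponentiation over BigInt.
function modPow(base, exp, mod) {
  let result = 1n;
  base %= mod;
  while (exp > 0n) {
    if (exp & 1n) result = (result * base) % mod;
    base = (base * base) % mod;
    exp >>= 1n;
  }
  return result;
}

// Random scalar s as a BigInt (the 32-byte length is an arbitrary choice here).
function randomScalar(bytes = 32) {
  return BigInt('0x' + crypto.randomBytes(bytes).toString('hex'));
}

// C1 = (g^n * h^s) mod m: commits to n, blinded by s.
function commit(n, s) {
  return (modPow(g, n, m) * modPow(h, s, m)) % m;
}

// A party that knows the opening (n, s) can check it against the public C1.
function verifyOpening(C1, n, s) {
  return commit(n, s) === C1;
}

// Constructed stand-in for the signer's RSA modulus n.
const n = (2n ** 521n - 1n) * (2n ** 607n - 1n);
const s = randomScalar();
const C1 = commit(n, s);

console.log('C1 bits:', C1.toString(2).length, 'n bits:', n.toString(2).length);
console.log('opening valid:', verifyOpening(C1, n, s));
console.log('same n, fresh s, same C1?', commit(n, randomScalar()) === C1);
```

C1 is bounded by m regardless of how large n is, and committing to the same n under a fresh s yields an unrelated value, so the published commitment alone does not identify the key.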

citypw commented on August 11, 2024

This does make more sense. Thanks for the explanation.
