Comments (2)
So, there's actually 3 parties involved here: the challenger, the signer, and the verifier. The challenger has access to the signer's RSA public key, but they want to ensure that the verifier does not. This is a problem because the verifier obviously needs something to verify the signature against.
The challenger generates a random scalar s which is used to commit to the modulus n of the signer's regular RSA pubkey ((g^n * h^s) mod m where m is a public RSA modulus with an unknown factorization). That commitment is C1 and is published publicly so the verifier has access to it. The trick here is that C1 does not reveal n. The challenger then encrypts this scalar and "sends" it to the signer ("send" may not be the right word, see below).
This scheme assumes that the signer trusts the challenger to retain the privacy of their RSA modulus.
The main benefit here (aside from privacy on the verification side) is that this scheme is non-interactive and requires no back-and-forth between the challenger and signer. The challenger can generate this encrypted scalar and post it somewhere for the signer to find later.
edit: Also a note about encryption -- the goo.encrypt function will "inflate" the ciphertext by a random factor to avoid leaking the size of the signer's RSA modulus (this is important if the encrypted payload is posted publicly). All ciphertexts produced by goo.encrypt are constant size. Other than that, it's standard RSA-OAEP encryption.
from goosig.
This does make more sense. Thanks for the explanation.
from goosig.
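The commitment C1 = (g^n * h^s) mod m from the first comment, worked through as an added example that is not goosig's code. It uses a toy modulus with known factors to show that C1 opens only with the right (n, s), and that every other candidate n has some scalar giving the same C1, which is why C1 alone does not single out n. All values are constructed, and the names `commit`, `opens`, `equivalentScalar` and the relation g = h^a are assumptions of this sketch.

```javascript
// Toy parameters, constructed for illustration only (not goosig's values).
// m = 23 * 47 here; the scheme needs an m whose factors nobody knows.
const m = 1081n;
const ORDER = 253n; // order of h mod m, computable only because m is factored
const h = 4n;
const a = 7n; // trapdoor: g = h^a (assumed relation for this sketch)
const g = modPow(h, a, m);

// Square-and-multiply modular exponentiation on BigInt values.
function modPow(base, exp, mod) {
  let result = 1n;
  base %= mod;
  while (exp > 0n) {
    if (exp & 1n) result = (result * base) % mod;
    base = (base * base) % mod;
    exp >>= 1n;
  }
  return result;
}

// C1 = g^n * h^s mod m: the challenger's commitment to the signer's modulus n.
function commit(n, s) {
  return (modPow(g, n, m) * modPow(h, s, m)) % m;
}

// Checks a claimed opening (n, s) against a published commitment.
function opens(c1, n, s) {
  return commit(n, s) === c1;
}

// With the trapdoor (a, ORDER), another value nOther can open the same C1:
// g^n * h^s = h^(a*n + s), so choose sOther with a*nOther + sOther = a*n + s (mod ORDER).
// Without the factors of m this cannot be computed, which keeps the commitment binding.
function equivalentScalar(n, s, nOther) {
  const t = (a * (n - nOther) + s) % ORDER;
  return (t + ORDER) % ORDER; // BigInt % can be negative, so normalise
}

// Constructed sample values: two toy "RSA moduli" and the challenger's scalar.
const n = 3233n, nOther = 2773n, s = 101n;
const c1 = commit(n, s);
console.log('C1 =', c1);
console.log('opens with (n, s):', opens(c1, n, s));
console.log('opens with (nOther, s):', opens(c1, nOther, s));
const sOther = equivalentScalar(n, s, nOther);
console.log('opens with (nOther, sOther):', opens(c1, nOther, sOther));
```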