[prev in list] [next in list] [prev in thread] [next in thread]
List: gcrypt-devel
Subject: Re: Blind signatures with libgcrypt
From: Christian Grothoff <grothoff () gnunet ! org>
Date: 2015-04-08 22:38:57
Message-ID: 5525AE01.8060600 () gnunet ! org
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
Hi Jan,
You can find sample code for doing this in GNUnet:
https://gnunet.org/svn/gnunet/src/util/crypto_rsa.c
Happy hacking!
Christian
On 04/08/2015 11:07 PM, Jan Svensson wrote:
> Hello,
>
> I'm working on a project where I'm thinking of creating three small programs in \
> e.g. the C language that all would use Libgcrypt if possible:
> * a program "generate_blinding_factor" that generates a blinding factor "b".
> * a program "blind" that takes a short text message in clear text and a blinding \
> factor "b" as input parameters and gives as output the message in \
> blinded format.
> * a program "unblind" that takes a signed blinded message and a blinding factor "b" \
> as input parameters and unblinds the message to get the output of the signed \
> message in clear text.
> Course of events:
> 1. the user would use "generate_blinding_factor" to generate a blinding factor "b"
> 2. the user would use "blind" with parameters "message" and "b" to blind the clear \
> text message. 3. the user would send the blinded message to the signer.
> 4. the signer would sign the blinded message with e.g. "gpg --output \
> blinded_message.sig --sign blinded_message" while not being able to see the clear \
> text of the message he/she signs. 5. the signer would send the signed blinded \
> message back to the user. 6. the user would use "unblind" with parameters "signed \
> blinded message" and "b" to unblind the message and getting the clear text message \
> signed by the signer. 7. the user would later (at the same time as other users) \
> anonymously send the signed message to the signer.
> We can assume that the signer keeps the blinded message he/she received in step 3 \
> above so when the signer in step 7 gets to see the unblinded message in clear text, \
> now also with the signers signature, then the signer cannot link those two messages \
> to each other, i.e. sign(blind(message,b),d) and sign(message,d) cannot be linked.
> Would it be possible to do the above with Libgcrypt and RSA? I've read in \
> http://www.gnupg.org/documentation/manuals/gcrypt/gcrypt.pdf that Libgcrypt uses \
> blinding for RSA decryption. It would be really nice if it was possible to use \
> Libgcrypt in this project since I suppose it would be much more complicated for me \
> to try to fetch the relevant code from Libgcrypt and then try to build all the \
> three programs above without any library calls to Libgcrypt.
> Kind regards,
> Jan
>
>
> _______________________________________________
> Gcrypt-devel mailing list
> Gcrypt-devel@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gcrypt-devel
>
["signature.asc" (application/pgp-signature)]
_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gcrypt-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic