From: owner-cypherpunks@toad.com
To: N/A
Message Hash: 36e14026d6522ce4bdd7fda296b7749593cd268cc6612c220d4554a08c4626a7
Message ID: <199603291532.XAA12310@infinity.nus.sg>
Reply To: N/A
UTC Datetime: 1996-03-29 15:32:12 UTC
Raw Date: Fri, 29 Mar 1996 23:32:12 +0800
From: owner-cypherpunks@toad.com
Date: Fri, 29 Mar 1996 23:32:12 +0800
Subject: No Subject
Message-ID: <199603291532.XAA12310@infinity.nus.sg>
MIME-Version: 1.0
Content-Type: text/plain
Hi!
I have some stupid question about how to implement blind signature.
I Know it works as follows:
If A wants B to sign X but donot know it is X, A can send
X*PK(random) : PK is public key of B
Then B signs on message:
SK(X*PK(random)) ==> SK(X)*random
Then A can obtain SK(X) by SK(X)*random/random
My question is when I see how RSA encrypts using PKCS
The PKCS block is like this
00 01 FF FF FF FF ... 00 input
Then SK(00 01 FF FF FF .. 00 input) .
If the input = X*PK(random)
then SK(00 01 FF FF FF .. 00 X*PK(random)) will not produce SK(X)*random
How to solve this??
Thanks!!
Return to March 1996
Return to “owner-cypherpunks@toad.com”
1996-03-29 (Fri, 29 Mar 1996 23:32:12 +0800) - No Subject - owner-cypherpunks@toad.com