1996-03-28 - Question about Blind Signature
Header Data
From: Chein-hsinLiu <r3506010@cml11.csie.ntu.edu.tw>
To: cypherpunks@toad.com
Message Hash: 5b9e575e6e8b7b9ec1836783cf6285899df6c9e25a70466cf73feba91e439970
Message ID: <199603281310.VAA23754@cml11.csie.ntu.edu.tw>
Reply To: N/A
UTC Datetime: 1996-03-28 13:19:10 UTC
Raw Date: Thu, 28 Mar 96 05:19:10 PST
Raw message
From: Chein-hsinLiu <r3506010@cml11.csie.ntu.edu.tw>
Date: Thu, 28 Mar 96 05:19:10 PST
To: cypherpunks@toad.com
Subject: Question about Blind Signature
Message-ID: <199603281310.VAA23754@cml11.csie.ntu.edu.tw>
MIME-Version: 1.0
Content-Type: text/plain
Hi!
I have some stupid question about how to implement blind signature.
I Know it works as follows:
If A wants B to sign X but donot know it is X, A can send
X*PK(random) : PK is public key of B
Then B signs on message:
SK(X*PK(random)) ==> SK(X)*random
Then A can obtain SK(X) by SK(X)*random/random
My question is when I see how RSA encrypts using PKCS
The PKCS block is like this
00 01 FF FF FF FF ... 00 input
Then SK(00 01 FF FF FF .. 00 input) .
If the input = X*PK(random)
then SK(00 01 FF FF FF .. 00 X*PK(random)) will not produce SK(X)*random
How to solve this??
Thanks!!
Thread
Return to March 1996
- Return to “Chein-hsinLiu <r3506010@cml11.csie.ntu.edu.tw>”
Return to “Derek Atkins <warlord@MIT.EDU>”
- 1996-03-28 (Thu, 28 Mar 96 05:19:10 PST) - Question about Blind Signature - Chein-hsinLiu <r3506010@cml11.csie.ntu.edu.tw>
- 1996-03-28 (Thu, 28 Mar 96 08:09:37 PST) - Re: Question about Blind Signature - Derek Atkins <warlord@MIT.EDU>