Mathematics blind signature in blockchain

blocksight 2021-05-18 17:09:24 阅读数:709

本文一共[544]字，预计阅读时长:1分钟~

mathematics blind signature blockchain

Write it at the front

In the last introduction sigma Protocol extension , We see some clues to the development of signature mechanism , Although signature has introduced many common algorithms , But there are still some special application scenarios that are not mentioned , For example, blind signature , Blockchain privacy project Monero Ring signature and so on , The difference is , These are not independent , Self organized , It depends on the previous Signature Base , Suite, combination, transformation, etc .

This paper focuses on the blind signature mechanism , Although we haven't seen any application in the blockchain yet , If you see it, please let me know ！

Blind signature （Blind Signature）

Blind signature is different from general digital signature , The general idea of digital signature is to generate a series of digital strings which can only be generated by the sender and can not be forged by others , This digital string is also an effective proof of the authenticity of the information sent by the sender . The difference is , The signer of blind signature does not know the specific content of the message it signs , Only at some point in the future （ In the capacity of notary public ） Prove the authenticity of the signature .

It has the following properties ：

The message the signer signs to is invisible （ This is it. “ blind ” The meaning of ）, That is, the signer does not know the specific content of the message he signed .
The signature message is not traceable , That is, when the signature message is published , The signer can't know when it's him / Which one signed .

Note that the nature of the general signature is omitted here （ Unforgeability and non repudiation ）.

Blind signature process

In general, the role of the signature process is only one signer , But blind signature can't be the same role , Because the original message has to be blinded by another provider , Called the receiver of the signed message . The overall process ：

The receiver first performs blind transformation on the data to be signed , Send the transformed blind data to the signer .
Send it to the receiver after it is signed by the signer .
The receiver makes blind transformation to the signature , The result is the signer's blind signature of the original data .

Two properties of blind signature should be guaranteed in the process , It is necessary to make the signer see the blind signature afterwards and not connect with the blind data .

Specific projects can be realized in many ways , The following is an introduction to RSA A combined solution ！

RSA Blind signature principle

hypothesis A It's the receiver ,B It's the signer , Private key d, And make it public RSA Public key (n,e), A Give Way B Blind signature message m, technological process :

A Select the blind factor r, Calculation $m' = m * r^e\ mod\ n$
B Yes m' To sign $m'^d=(m * r^e)^d\ mod\ n$
A Go blind and get the original signature $s =m'^d * r^{-1}=m^d\ mod\ n$

It is easy to prove its correctness , I won't repeat （ About RSA Please refer to historical articles for details ）！

Summary

Blind signature can be regarded as a variant of ordinary signature , Realize special applications .RSA The solution is simple and easy to understand , The actual code engineering needs some extra processing , It may need to be filled and so on .

Okay , The next section continues with Monero The ring signature principle used in the project ！

Link to the original text ：https://mp.weixin.qq.com/s/gjmWhFVBpVrbW_wCd7UucA Welcome to the official account ：blocksight