The question seems complex! if B does not know the massage then how could he sign on it? D. Chaum had proposed a solution for this problem in his paper "blind signature for untraceable cash". The proposal is as follows.
- Let public key of B is (n,e)
- A generates a random number r
- Then A calculates c=m*(r^e) and sends to B for digital signature
- B now did not know about m, because he got m*(r^e) and since r is not disclosed to B he has no idea about m. B does digital signature on the value m*(r^e) using his private key (n,d).
- Signature scheme being RSA the output is actually (m*(r^e))^d. which is (m^d)*(r^ed). which in turn is ( (m^d) * r )
- This value is send back to A
- Since A knows r he calculates inverse of r say r'. such that r*r' = 1 mod n. And then finds s=( (m^d) * r ) * r'.
- Value of s is m^d which is the digital signature on m by B.
2 comments:
Glad to know more about the blind signature. Blind Signature have many uses like timestamping, digital cash, anonymous access control etc. In fact, you will find out lot of variations on blind signatures theme.
Nice information. I also like your IRCTC seat availability Indian Rail App.
Post a Comment