Sunday, January 18, 2009

Blind Signature

A blind signature is a technique for obtaining a digital signature on a value without exposing that value to the signer. The scenario is this: a person A wants B's digital signature on some message m, but A does not want to disclose the message, even to B. How can this be done?

The question seems complex! If B does not know the message, how can he sign it? D. Chaum proposed a solution to this problem in his paper "blind signature for untraceable cash". The proposal is as follows.
  1. Let the public key of B be (n,e).
  2. A generates a random number r.
  3. A then calculates c=m*(r^e) and sends it to B for a digital signature.
  4. B learns nothing about m: he receives m*(r^e), and since r is not disclosed to him he has no idea what m is. B signs the value m*(r^e) using his private key (n,d).
  5. The signature scheme being RSA, the output is (m*(r^e))^d, which is (m^d)*(r^ed), which in turn is ( (m^d) * r ), because r^ed = r mod n.
  6. This value is sent back to A.
  7. Since A knows r, he calculates the inverse of r, say r', such that r*r' = 1 mod n, and then finds s=( (m^d) * r ) * r'.
  8. The value of s is m^d, which is B's digital signature on m.
A has thus obtained the digital signature on m without ever exposing the value of m to B.
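The eight steps above, run end to end as an added example (not code from the original post). The key is a constructed toy key built from two known Mersenne primes, far too small and structured for real use; the function names are hypothetical, all arithmetic is done mod n, and r is additionally checked to be coprime to n so that the inverse r' in step 7 exists.

```python
import secrets
from math import gcd

# Constructed toy key for signer B (illustration only, not a secure key).
P, Q, E = 2**107 - 1, 2**127 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, known only to B

def blind(m, n, e):
    """A, steps 2-3: pick random r and return (c, r) with c = m * r^e mod n."""
    while True:
        r = secrets.randbelow(n - 2) + 2   # r in [2, n-1]
        if gcd(r, n) == 1:                 # required so r has an inverse mod n
            return (m * pow(r, e, n)) % n, r

def sign_blinded(c, n, d):
    """B, step 4: sign whatever arrives; B only ever sees c, never m."""
    return pow(c, d, n)                    # = m^d * r mod n

def unblind(s_blind, r, n):
    """A, steps 7-8: multiply by r' = r^-1 mod n to strip the blinding."""
    return (s_blind * pow(r, -1, n)) % n   # = m^d mod n

def run_protocol(m):
    """Run one exchange and report what each side ends up holding."""
    c, r = blind(m, N, E)                  # A -> B : c
    s_blind = sign_blinded(c, N, D)        # B -> A : s_blind
    s = unblind(s_blind, r, N)
    return {
        "c": c,                            # the only value B sees
        "s": s,                            # A's final signature on m
        "valid": pow(s, E, N) == m % N,    # ordinary RSA verification
    }

if __name__ == "__main__":
    m = int.from_bytes(b"constructed message", "big")
    first, second = run_protocol(m), run_protocol(m)
    print("signature verifies:", first["valid"])
    print("same as signing m directly:", first["s"] == pow(m, D, N))
    print("B saw different values each run:", first["c"] != second["c"])
```

Because r is fresh each time, B sees a different c for the same m on every run, while the unblinded s is always the same value B would have produced by signing m directly.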

Saturday, January 17, 2009

RSA

This is an algorithm used for public key cryptography. It was suggested in 1977 by Ron Rivest, Adi Shamir and Len Adleman, and is therefore called RSA. The algorithm can be described as follows.

Key Generation:
  • Choose two large random prime numbers P and Q of approximately equal size.
  • Compute n = P . Q and fi = (P-1) . (Q-1)
  • Choose a positive integer e, less than fi, such that gcd(e,fi)=1
  • Compute the secret component d, such that d is positive and less than fi, and e.d = 1 (mod fi)
  • Declare the public key as (n,e) and the private key as (n,d)
n is known as the modulus, e as the encryption exponent, and d as the decryption exponent.

--------------------------------------------------------------------------------------
Now suppose A wants to send a message m to B.

Encryption By A:
  1. Obtain B's public key (n,e)
  2. With m as the message to be sent, compute c = (m^e) mod n
  3. Send c to B.
Decryption By B:
  1. B uses his private key (n,d) to compute m = (c^d) mod n
  2. m is the required message.
--------------------------------------------------------------------------------------
What actually is a digital signature?
Suppose you want to send a message to a recipient. You prepare the message and send it, but the recipient, on getting the message, wants to be sure that it was actually written by you. To satisfy this requirement you have to provide some additional information that assures the recipient the message really comes from you. This additional information is called a digital signature. The bottom line is that to send a message X you actually have to send the pair (X, digital signature for X).

For example, suppose A wants to put a digital signature on one of his documents, DOC.

Digital Signature:
  1. Create a message digest of the information to be sent. In our case A uses any hash function (say f) to find the message digest f(DOC).
  2. Represent this digest as an integer m between 0 and n-1. In our case take the modulus, i.e. m=f(DOC) mod n.
  3. Use your own private key (n,d) to compute the signature s=(m^d) mod n
  4. Send this signature s to the recipient. In full, send (DOC,s) to the receiver.
Signature Verification:
The receiver gets (DOC,s) from the sender.
  1. Use the sender's public key (n,e) to compute the integer v=(s^e) mod n; this is the process of extracting the message digest.
  2. Independently compute the message digest of the information that has been signed, that is, compute f(DOC).
  3. If both message digests are identical, the signature is valid.
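Key generation, encryption/decryption and the hash-then-sign procedure above, as one added example (not code from the original post). It assumes SHA-256 as the hash function f and a constructed toy key from two known Mersenne primes, far too small and structured for real use; the function names are hypothetical.

```python
import hashlib
from math import gcd

# Constructed toy primes (illustration only, not a secure key).
P, Q = 2**107 - 1, 2**127 - 1

def keygen(p, q, e=65537):
    """Return ((n, e), (n, d)) following the key generation steps."""
    n, fi = p * q, (p - 1) * (q - 1)
    if not (1 < e < fi and gcd(e, fi) == 1):
        raise ValueError("e must be less than fi and coprime to it")
    d = pow(e, -1, fi)                     # e.d = 1 (mod fi)
    return (n, e), (n, d)

def encrypt(pub, m):
    n, e = pub
    if not 0 <= m < n:                     # a larger m would be silently reduced mod n
        raise ValueError("message must be an integer in [0, n-1]")
    return pow(m, e, n)                    # c = (m^e) mod n

def decrypt(priv, c):
    n, d = priv
    return pow(c, d, n)                    # m = (c^d) mod n

def digest_int(doc, n):
    """m = f(DOC) mod n, with f = SHA-256 (an assumption of this example)."""
    return int.from_bytes(hashlib.sha256(doc).digest(), "big") % n

def sign(priv, doc):
    n, d = priv
    return pow(digest_int(doc, n), d, n)   # s = (m^d) mod n

def verify(pub, doc, s):
    n, e = pub
    v = pow(s, e, n)                       # digest extracted from the signature
    return v == digest_int(doc, n)         # compare with the recomputed digest

if __name__ == "__main__":
    pub, priv = keygen(P, Q)
    doc = b"constructed document"
    s = sign(priv, doc)
    print("round trip ok:", decrypt(priv, encrypt(pub, 42)) == 42)
    print("genuine (DOC,s) verifies:", verify(pub, doc, s))
    print("altered DOC verifies:", verify(pub, doc + b"!", s))
```

The verifier reduces the recomputed digest mod n exactly as the signer did in step 2; comparing v against the unreduced f(DOC) would reject valid signatures whenever the digest is larger than n.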
--------------------------------------------------------------------------------------

Saturday, January 3, 2009

E-Cash

Electronic money dominates the way we make payments nowadays. The most common way to make a payment electronically is by credit card or debit card. There are two main issues with these kinds of payments.

1. Online System:
During the payment from user to merchant, the merchant first establishes an online connection with the bank, which is involved in transferring the money from the purchaser's account to the merchant's account. This online system should be avoided for two reasons.
(a) It goes against the accepted concept of payment. In a conventional money transfer, when person A wants to give an amount x of money to B, A need not contact the bank in any way. He just gives a note of amount x to B, and with this the transaction is over.
(b) It is not always possible to establish a connection with the bank, perhaps due to a lack of network infrastructure, a connection error, server problems, etc. This inability to establish the connection should not become a hurdle for the payment between spender and merchant.

2. Identity of the Spender:
The bank can collect details of the spender's expenditure pattern by keeping track of all his payments. This is highly undesirable because it removes all the privacy of the spender.

E-Cash is the solution to all of the above problems. When E-Cash is used for a payment, it does not involve any third party such as a bank during the money transfer, so the requirement for an online system is removed. At the same time, E-Cash does not reveal any information about the spender to the bank when it is presented there for redemption.

Monday, October 13, 2008

Welcome !!

Welcome to all of you who are reading this article. In fact, this is my first experience writing a blog, so let's see how it goes. Thanks for spending time on this note.
Kamlesh