commit d6abf35a10e1a6812a98b88c9aa8201dc4637d35
parent e842ab25bdde1965d7396bc3e2c27bc351f87caa
Author: Matyja Lukas Adam <lukas.matyja@students.bfh.ch>
Date: Mon, 3 Jun 2024 02:32:30 +0200
add eddsa signature describtion
Diffstat:
3 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/doc/thesis/bibliography.bib b/doc/thesis/bibliography.bib
@@ -31,3 +31,11 @@ keywords = {Cryptography},
url = {https://taler.net/papers/cs-thesis.pdf}
}
+@misc{BernsteinEd25519,
+ author = {Daniel J. Bernstein, Niels Duif},
+ title = {High-speed high-security signatures},
+ year = {2011},
+ addendum = {accessed: 03.06.2024},
+ url = {https://ed25519.cr.yp.to/ed25519-20110926.pdf}
+}
+
diff --git a/doc/thesis/chapters/background/blindsign.tex b/doc/thesis/chapters/background/blindsign.tex
@@ -1,13 +1,15 @@
\section{Cryptography Preliminaries}
-The project is based on existing cryptography. The most important cryptographic elements are described in this section.
+The project is based on existing cryptography. The most important cryptographic elements are described in this section. All cryptographic elements used by the Donau are from GNU Taler libraries.
\subsection{Blinded Signature Schemes}
-This section only provides an overview of blinded signatures. Detailed information about blinded signature can be found at \url{https://taler.net/papers/cs-thesis.pdf}. Blinded signatures are the key elements to reach privacy for the donor (see chapter xx). With blinded signatures a blinded unrecognizable message was signed. Only the creator of the blinded message is able to unblind the signature and therefore to receive a valid signature for the unblinded message. The Donau system uses blinded signatures to bind the identity to a donation receipt while hiding the identity of the donor. As a result of the property of blindness, the blind signer Donau is not able to link the cleartext message with the made blind signature or the blind with the unblind signature \cite[p.12]{cryptoeprint:2019/877}. There are multiple blind signature schemes. By using GNU Taler libararies the Donau distinguish the following two equivalent blind signature schemes:
+This section only provides an overview of blinded signatures. Detailed information about blinded signature can be found at \url{https://taler.net/papers/cs-thesis.pdf}. Blinded signatures are the key elements to reach privacy for the donor (see chapter xx). With blinded signatures a blinded unrecognizable message was signed. Only the creator of the blinded message is able to unblind the signature and therefore to receive a valid signature for the unblinded message. The Donau system uses blinded signatures to bind the identity to a donation receipt while hiding the identity of the donor. As a result of the property of blindness, the blind signer Donau is not able to link the cleartext message with the made blind signature or the blind with the unblind signature \cite[p.12]{cryptoeprint:2019/877}. There are multiple blind signature schemes. The Donau distinguishes the following two equivalent blind signature schemes:
\subsubsection{RSA Blind Signature Scheme}
Concrete the RSA-FDH blind signatures are used. Before blinding, to eliminate certain attacks, a Full-Domain Hash on the message is applied. Full-Domain means the hash has the same size as the RSA modulus. The blind signature scheme is similar to the normal RSA signatur scheme. In addition to the normal scheme, the message is blinded with an private and random value. Practically the length of the modulus and therefore for the key size, signature size and the security level is variable. The scheme only has one round trip.\cite{nigelcrypto:2016}
+
\subsubsection{Clause Blind Schnorr Signature Scheme}
The Clause Schnorr Signature Scheme differs from the RSA scheme. Initially the blinder needs two random values from the signer party. One random value from the signer and two random private values are required to blind the message once. This process is repeated and the two blinded messages are sent to the signer, who randomly selects a blinded message for blinding. Two blinded messages are needed to prevent an certain type of attack. In comparision to the RSA scheme, the Clause Schnorr Scheme needs an additional round trip to get the inital nonces from the signer. However, the individual crypto operations are so much faster than the operations from the RSA scheme that the additional round trip is no longer significant. See the measurements for this [p.107-121] \cite{DemHeuz2022}. Because clause schnorr signatures are based on elliptic curves, smaller keys can be used. GNU Taler supports one fixed 256 bit key size, which provides an security level of 128 bits.
-\subsubsection{EdDSA Signatures}
+\subsubsection{EdDSA Signatures}
+For normal, not blinded, signatures, the Donau uses EdDSA signatures. The Edwards-curve Digital Signature Algorithm or for short EdDSA is a scheme for digital signatures based on the twisted Edwards elliptic curves and the Schnorr signature scheme. EdDSA signatures using the curve Curve25519 are also called Ed25519. The Donau only uses Ed25519. Whether Curve25519 or the Edwards-curve, the scheme is very efficient and secure.\cite{BernsteinEd25519}
diff --git a/doc/thesis/thesis.pdf b/doc/thesis/thesis.pdf
Binary files differ.
