commit f2b90f1b99e49e022d2c53785fb663c12cc49b2d
parent 45f4e7093f437377c9b31aad034fa0be4755cb29
Author: Tanja Lange <tanja@hyperelliptic.org>
Date: Thu, 23 Jan 2025 12:32:46 +0100
needed to explain sign and verify, sorry, this was still open from earlier
Diffstat:
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/doc/usenix-security-2025/paper/technicaldesign.tex b/doc/usenix-security-2025/paper/technicaldesign.tex
@@ -78,7 +78,6 @@ The Donau service is typically run by the tax authority but can be an independen
% nobody can generate a signature that verifies for some message under a
% public key if they do not have access to the matching private key.
- \paragraph{Blind signatures}
Informally, a blind signature is a digital signature where the signer does
not know the message that they are signing. The party requesting the
signature hides the true message with a secret value called a {\bf blinding
@@ -114,7 +113,9 @@ signature on the blinded value $m'\equiv m\cdot r^e \bmod n$ for some randomly
chosen $r$, receive the blind signature $s'$, and obtain the signature on $m$
by unblinding $s'$ by computing $s'/r \bmod n$.
-
+In addition to blind signatures, Donau uses the
+Ed25519~\cite{DBLP:journals/jce/BernsteinDLSY12} signature scheme
+for signing ($\sign$) and verifying ($\verify$).
\subsection{Key generation and initial setup}\label{key_generation_and_initial_setup}
@@ -124,7 +125,7 @@ initial setup steps.
\subsubsection{Donau service key generation}\label{donau_key_generation}
\begin{enumerate}
-\item The Donau service generates an Ed25519~\cite{DBLP:journals/jce/BernsteinDLSY12} keypair
+\item The Donau service generates an Ed25519 keypair
$(D^{\pub}$, $D^{\priv})$, called the {\bf Donau Key}, for digital signatures.
\item The Donau service also generates a set of \textbf{Donation Unit} keypairs
$(K_x^{\pub}, K_x^{\priv})$ for blind signatures, corresponding to different
