commit e28159fc763c8d41a4d5779175206dd395adfb49
parent d1a4fc63180185ebf1793fab17748b2070ce6576
Author: Emmanuel Benoist <emmanuel.benoist@bfh.ch>
Date: Thu, 3 Jul 2025 17:05:39 +0200
starting with eliptic curves cryptography
Diffstat:
1 file changed, 21 insertions(+), 1 deletion(-)
diff --git a/doc/cs/article/blind-signatures.tex b/doc/cs/article/blind-signatures.tex
@@ -125,9 +125,29 @@ The requester has now with $m$ and $s$ a message and its valid signature.
% The hash function is simply used on m before the signature and the verification
-
+To be secure, a RSA key needs to be at least 2048 or even better 4096 bit large \cite{}. Signature is also the same size.
\section{Clause Schnorr blind signature}\label{sec:cs}
+Eliptic curves cryptography offers the possibility to have much smaller keys. It is however also possible to build a blind signature scheme based on eliptic curves.
+
+Eliptic curve cryptography bases on the multiplication of a point on the curve G (a generator of the curve with prime order $n$) by a scalar (the private key $k$ ). The result is the public key $K$.
+
+\[K = k.G\]
+
+\paragraph{Signature with eliptic curve cryptography}
+In eliptic curves one can use signature with the Eliptic Curve Digital Signature Algorithm (ECDSA).
+
+To sign a message $m$, this scheme uses a cryptographic hash function $h()$ (for instance SHA-256).
+
+For the signature, we first need to hash the message $m$, $e=h(m)$. Then the signer picks a random nonce $a$ and computes the corresponding point on the curve $A=aG=(x_1,y_1)$. The signer computes $r=x_1 mod n$ (if $r=0$, their pick another nonce $a$).Then one can compute the value $s=a^{-1}(e+kr) mod n$.
+
+The signature is $(r,s)$.
+
+The verification of the signature is done like this. First compute $e=h(m)$. Then $w=k^{-1}
+
+\paragraph{Blind signature}
+
+\paragraph{Clause-Schnorr signature scheme}
\section{Post-Quantum solution for blind signature}\label{sec:pq}
