[Verifpal] Feature request: ring signatures
nadim at symbolic.software
Thu Feb 6 15:46:07 CET 2020
Ring signatures sounds like a great primitive to add to Verifpal. I propose the following interface:
knows private a
knows private m
ga = G^a
// Alice has previously received G^b, G^c
s = RINGSIGN(a, m, G^a, ga, gc)
Alice -> Bob: m, s, ga
_ = RINGSIGNVERIF(ga, m, s, ga, G^b, gc)?
Would this interface work for your use case?
Symbolic Software • https://symbolic.software
> On 5 Feb 2020, at 10:01 PM, Sebastian Reynaldo Verschoor via Verifpal <verifpal at lists.symbolic.software> wrote:
> Not sure if this is the way to do it, but I'd like to request a new crypto primitive for Verifpal, namely ring signatures.
> The reason is that I'd be interested in modelling OTRv4, where ring signatures are used for deniability. (In that context, I would only need unlinkable, untraceable signatures over three public keys, if that makes the request easier?)
> As a possible alternative, I was wondering if you are planning the option for the user to construct their own primitives in some future release?
> Verifpal mailing list
> Verifpal at lists.symbolic.software
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: Message signed with OpenPGP
More information about the Verifpal