Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Blind signatures #81

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Blind signatures #81

wants to merge 2 commits into from

Conversation

eriktaubeneck
Copy link

In order to help facilitate the conversation in #41, I've copied the content from @johnwilander's comment. This commit is that comment exactly.

The only other commit provides the diff which I believe clarifies the algorithm.

Specifically:

  • The unlikable token in step 3 must be generated using rsabssa_blind from @chris-wood's RSA Blind Signature protocol. This function requires source_secret_token, so it must be generate in step 3.
  • The click source returns unlinkable_token_signature (I believe this was just a typo.)
  • In step 7, the rsabssa_finalize function is used to generate a valid (but unlinkable) signature for source_secret_token (generated in step 3.)
    • The current wording suggests that source_secret_token is generated such that it's valid for the click source signature. This shouldn't be possible without the private key held by the click source (it would be equivalent to breaking the signature security.) Additionally, returning the click source signature as is would provide a tracking vector.

This was referenced May 10, 2021
Open
Open
@privacycg privacycg deleted a comment May 26, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@eriktaubeneck