Blind e-signature with RSA
Blind e-signature with RSA
This protocol is executed between Student Alice (You) and Mentor Bob.
Parameter values sent by Alice are included in brackets [ ] and must NOT be entered in the corresponding input fields.
The following functions are used in the protocol:
>>mod_exp(g,x,p)
>>randi(z)
>>genstrongprime(nob)
>>eeuklid(e,φ)
1. Generate two prime numbers p and q having length less than 20 bits using function genprime(). Send numbers [p,q] for verification to the Mentor.
2. Calculate value n=p*q and Euler's totient function's value φ=(p-1)*(q-1). Send [n,φ] for verification to the Mentor.
3. Choose RSA exponent e satisfying condition gcd(e, φ)=1 and private key d using extended Euclidean algorithm. Send [e,d] for verification to the Mentor.
4. Message is signed by Mentor m', m' is blinded version of message m. Calculate signature s'=m‘^d mod n and send it Mentor [s']
5. Mentor send his public parameter n_m, e_m. Sign your message D_t (e.g. D_t = 123456), send r and m = d_t * r^e_m mod n_m to mentor. [D_t,r,m]
6. Mentor signature s_m. Calculate s = s_m*r^-1 mod n_m and verify that signature is true se = s^e_m mod n_m. [s,se]