**

**

€2.00

Tax included

**Blind e-signature with RSA**

This protocol is executed between Student Alice (You) and Mentor Bob.

Parameter values sent by Alice are included in brackets [ ] and must **NOT** be entered in the corresponding input fields.

The following functions are used in the protocol:

**>>mod_exp(g,x,p)**

**>>randi(z)**

**>>genstrongprime(nob)**

**>>eeuklid(e,φ)**

1. Generate two prime numbers **p** and **q** having length less than 20 bits using function **genprime()**. Send numbers **[p,q]** for verification to the Mentor.

2. Calculate value **n=p*q** and Euler's totient function's value **φ=(p-1)*(q-1)**. Send **[n,φ]** for verification to the Mentor.

3. Choose RSA exponent e satisfying condition **gcd(e, φ)=1** and private key **d** using extended Euclidean algorithm. Send **[e,d]** for verification to the Mentor.

4. Message is signed by Mentor **m'**, **m'** is blinded version of message **m**. Calculate signature **s'=m‘^d mod n** and send it Mentor **[s']**

5. Mentor send his public parameter **n_m**, **e_m**. Sign your message **D_t** (e.g. D_t = 123456), send **r** and **m = d_t * r^e_m mod n_m** to mentor. **[D_t,r,m]**

6. Mentor signature **s_m**. Calculate** s = s_m*r^-1 mod n_m** and verify that signature is true **se = s^e_m mod n_m.** **[s,se]**

49933 Items