blindsign

一个Rust库，用于计算和验证盲签名，该签名是作为多步骤盲签名方案的一部分，该方案在论文基于椭圆曲线密码学的盲签名方案中描述。

关于

盲签名允许请求者在不让签名者知道消息内容的情况下对消息进行签名。此外，尽管签名者和拥有签名者公钥的任何人都可以验证消息上的签名，但签名者不能将未解密的签名与解密消息上的盲签名联系起来。

盲签名与未解密签名之间的不可链接性，以及验证未解密消息上的未解密签名的功能，使得盲签名方案成为匿名电子现金、匿名成员集约束投票和可撤销匿名等事物的首选算法。

文档

blindsign文档提供了如何使用此库提供的各种组件的详细说明。

使用

将此添加到您的Cargo.toml

[dependencies]
blindsign = "0.0.4"

并将此添加到您的crate根目录

extern crate blindsign;

使用该协议的完整序列，其中线性表示客户端和服务器端步骤。

use sha3::Sha3_512;

use blindsign::{
    keypair::BlindKeypair,
    signature::{UnblindedSigData, WiredUnblindedSigData},
    request::BlindRequest,
    session::BlindSession,
    Error, Result,
};

// Generates a new keypair. The private key is used for creating blind
// signatures on the blinded message, and the public key is used for
// authenticating the unblinded signature on the unblinded message.
let keypair = BlindKeypair::generate().unwrap();

// Initiates a new blind session (bs) on the signer side, the first step of
// which is generating of the value R' (rp).
let (rp, bs) = BlindSession::new().unwrap();

// Initiates a new blind request on the requester side, which is input R' and
// generates e' (ep).
let (ep, br) = BlindRequest::new::<Sha3_512>(&rp).unwrap();

// Signs the e' value, which is essentially the blinded message hash. Produces
// S' (sp), which is the blind signature.
let sp = bs.sign_ep(&ep, keypair.private()).unwrap();

// Forms a new unblinded signed message object on the requester side, when
// provided with the blind signature previously generated by the signer
// side.
let unblinded_signed_msg = br.gen_signed_msg(&sp).unwrap();

// A demonstration of converting the unblinded signed message between
// internal representation and wired format for transmission over the
// network.
let wired = WiredUnblindedSigData::from(unblinded_signed_msg);
let sig = wired.to_internal_format().unwrap();

// A demonstration of authenticating the blind signature
assert!(sig.authenticate(keypair.public()));

许可证

• 本实现采用MIT许可证