org.logi.crypto.sign
Class BlindFingerprint

java.lang.Object
  |
  +--org.logi.crypto.Crypto
        |
        +--org.logi.crypto.sign.Fingerprint
              |
              +--org.logi.crypto.sign.BlindFingerprint

public class BlindFingerprint
extends Fingerprint

This class is used to hold a blinded fingerprint of a particular data buffer.

This blinded fingerprint is calculated from a normal Fingerprint with a blinding function. It can then be signed with a signature key using an algorithm matching the blinding function, whereafter the signature can be un-blinded by the person who blinded the fingerprint. The un-blinded signature can be checked against the original fingerprint directly.

In this library the blinding functions correspond to keys implementing the BlindSignatureKey class. (the following uses the <sub> and <sup> HTML tags, so if it looks unintelligeble and you think you should understand the mathematics, your browser probably doesn't support them.)

For example in the case of RSA blind signatures, the process is the following: We have an RSA key with public exponent e, secret exponent d, and modulus n and wish to sign a message m. First we calculate a fingerprint f = h(m), where h is a hash-function, probably SHA-1. Next we blind this fingerprint using a random number r in f' = fre. This fingerprint is signed normally by the owner of the key-pair and we get the blind signature s' = f'd = (fre)d = fd(re)d = fdr. Finally we can un-blind this signature to get s = s'/r = fd which is a standard signature.

This is secure because multiplication with an element from the modulus group is a one-to-one function and an r exists to convert s' to a signature for any fingerprint f, but it is infeasible to find without knowing the secret modulus d. This means that the signer can not know what he is signing and yet that the person submitting a blinded fingerprint f' to be signed can't convert it to a (blind) signature for another fingerprint f.

Also, the use of the hash function h ensures that the multiplicative property of RSA does not cause problems, since if s1 = f1d and s2 = f2d we will have s = s1s2 = f1df2d = fd for f = f1f2 which could be a major security flaw if the messages were signed directly, but we still have the problem of producing a message m with h(m) = f.

Author:
Logi Ragnarsson (logi@logi.org)
See Also:
Fingerprint, BlindSigningKey, BlindingKey, BlindSignature

Fields inherited from class org.logi.crypto.Crypto
BIT, cdsPath, EMPTY_ARRAY, FOUR, keySource, NIBBLE, ONE, primeCertainty, random, TWO, ZERO
 
Constructor Summary
BlindFingerprint(java.lang.String hashFunc, java.lang.String blindFunc, byte[] fp)
           
BlindFingerprint(java.lang.String hashFunc, java.lang.String blindFunc, byte[] fp, int offset, int n)
           
 
Method Summary
 boolean equals(java.lang.Object obj)
          Test for equality with another object.
 java.lang.String getBlindFunc()
          Return the name of the function used to blind the fingerprint.
 int hashCode()
          Return a hash-code based on the bytes of the fingerprint and the algorithm names.
static Fingerprint parseCDS(java.lang.String[] param)
          Used by Crypto.fromString when parsing a CDS.
 void prettyPrint(java.io.PrintWriter out, int ind, int rec)
          Print this object to out, indented with ind tabs, going down at most rec levels of recursion.
 java.lang.String toString()
          Return a CDS for this fingerprint.
 
Methods inherited from class org.logi.crypto.sign.Fingerprint
create, create, create, getBytes, getHashFunc
 
Methods inherited from class org.logi.crypto.Crypto
binString, binString, ensureArrayLength, ensureArrayLength, equal, equalRelaxed, equalSub, fromHexNibble, fromHexString, fromString, fromString, hexString, hexString, hexString, hexString, hexString, initRandom, initRandom, makeClass, makeInt, makeLong, makeSessionKey, pastSpace, pickBits, pickBits, prettyPrint, readBlock, readInt, trimArrayLength, trimArrayLength, trimLeadingZeroes, writeBytes, writeBytes, writeInt
 
Methods inherited from class java.lang.Object
getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

BlindFingerprint

public BlindFingerprint(java.lang.String hashFunc,
                        java.lang.String blindFunc,
                        byte[] fp)

BlindFingerprint

public BlindFingerprint(java.lang.String hashFunc,
                        java.lang.String blindFunc,
                        byte[] fp,
                        int offset,
                        int n)
Method Detail

getBlindFunc

public java.lang.String getBlindFunc()
Return the name of the function used to blind the fingerprint.

parseCDS

public static Fingerprint parseCDS(java.lang.String[] param)
                            throws InvalidCDSException
Used by Crypto.fromString when parsing a CDS.

A valid CDS can be created by calling the toString() method.

Throws:
InvalidCDSException - if the CDS is malformed.
See Also:
Crypto.fromString(String)

equals

public boolean equals(java.lang.Object obj)
Test for equality with another object. Returns true if obj is a Fingerprint equal to this.
Overrides:
equals in class Fingerprint

hashCode

public int hashCode()
Return a hash-code based on the bytes of the fingerprint and the algorithm names.
Overrides:
hashCode in class Fingerprint

toString

public java.lang.String toString()
Return a CDS for this fingerprint.
Overrides:
toString in class Fingerprint

prettyPrint

public void prettyPrint(java.io.PrintWriter out,
                        int ind,
                        int rec)
                 throws java.io.IOException
Print this object to out, indented with ind tabs, going down at most rec levels of recursion.
Overrides:
prettyPrint in class Fingerprint


Copyright (c) 1997-2001 Logi Ragnarsson - Distributed under the GPL