It is possible to use blind signatures to produce anonymity-preserving
credentials. The general idea is that, say, British Airways want to
testify that I am a silver BA Executive Club cardholder. First I create
a random number (a nonce), I blind it, then send it to BA. They sign it
with their
SHA-1
20060401
For more explanation, visit
http://deweger.xs4all.nl/20060401.html
Grtz,
Benne de Weger
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
From: [EMAIL PROTECTED]
Sent: Mar 30, 2006 3:38 PM
To: cryptography@metzdowd.com
Subject: Re: [Cfrg] HMAC-MD5
I think that we have the evidence. The security MD5 depends
heavily on a lot of nonlinearities in functions F,G,I and on
carries in arithmetic additions. Nonlinearities in F,G,I are
Ben Laurie writes:
It is possible to use blind signatures to produce anonymity-preserving
credentials
It seems to me quite obvious that someone must have thought of this
before - the question is who? Is it IP free?
David Chaum did a great deal of work in this area in the 80s and 90s.
He