[137197] in cryptography@c2.net mail archive
Re: voting by m of n digital signature?
daemon@ATHENA.MIT.EDU (Richard Salz)
Sun Nov 9 14:55:11 2008
In-Reply-To: <4916AB0E.4000108@echeque.com>
To: "James A. Donald" <jamesd@echeque.com>
Cc: cryptography@metzdowd.com, owner-cryptography@metzdowd.com
From: Richard Salz <rsalz@us.ibm.com>
Date: Sun, 9 Nov 2008 14:50:47 -0500
> Is there a way of constructing a digital signature so
> that the signature proves that at least m possessors of
> secret keys corresponding to n public keys signed, for n
> a dozen or less, without revealing how many more than m,
> or which ones signed?
Yes there are a number of ways. Usually they involve splitting the
private key so that when a quorum of fragment signatures are done, they
can be combined and the result verified by the public key. Look for
multi-step signing or threshold signatures, for example.
Disclaimer: I worked at CertCo who had the "best" technology in this area.
It was created for SET.
/r$
--
STSM, DataPower Chief Programmer
WebSphere DataPower SOA Appliances
http://www.ibm.com/software/integration/datapower/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
