存储>> RingSig>> 返回
项目作者: FabioTacke

项目描述 :
Implementation of a ring signature scheme in Swift
高级语言: Swift
项目地址: git://github.com/FabioTacke/RingSig.git
创建时间: 2017-06-14T16:13:03Z
项目社区:https://github.com/FabioTacke/RingSig
开源协议:MIT License
下载


RingSig

The library implements a ring signature scheme in Swift. The algorithm is based on “How to leak a secret” (2001) by Rivest et al.

What is a ring signature scheme?

When using RSA for message authentication the author of the message creates a signature using their private key. The verifier obtains the signer’s public key and checks whether the received message matches the signature. Thus the verifier knows that only someone witch access to the signer’s private key could have been creating the signature.

Ring signatures enable the signer to create a signature that doesn’t reveal their identity. More precisely the signer bundles their public key alongside the public keys of entities that are not involved at all and uses them for creating the signature. The signature then proves the the verifier that the corresponding message was signed by one of the owners of the public keys. Nevertheless the virifier is not able to tell who exactly is the signer.

Installation

Swift Package Manager

.Package(url: "https://github.com/FabioTacke/RingSig.git", majorVersion: 1)

CocoaPods

pod 'RingSig', '~> 1.0'

Usage

  1. import RingSig
  3. // Generate the signer's RSA keypair
  4. let signerKeyPair = RSA.generateKeyPair()
  6. // Generate keypairs for the other participants in the ring signature scheme (i.e. the non-signers)
  7. let nonSignerKeyPairs = [RSA.generateKeyPair(), RSA.generateKeyPair(), RSA.generateKeyPair()]
  8. let nonSignersPublicKeys = nonSignerKeyPairs.map { $0.publicKey }
  10. // The message to be signed
  11. let message = "Hello, World!"
  13. // Sign the message
  14. let signature = RingSig.ringSign(message: message.data(using: .utf8)!, nonSignersPublicKeys: nonSignersPublicKeys, signerKeyPair: signerKeyPair)
  16. // Everybody can now verify that the message was signed by someone of those whose public keys were included in the signature. Still the verifier is not able to tell who of them is the actual signer.
  17. let verified = RingSig.ringSigVerify(message: message.data(using: .utf8)!, signature: signature)
  18. assert(verified)

Disclaimer

The library uses a very basic RSA implementation and therefore shouldn’t be considered to offer high crypto security. Furthermore performance was not a design goal when creating the library.