taler
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Taler] G the generator


From: Luis Ressel
Subject: Re: [Taler] G the generator
Date: Sat, 3 Oct 2015 16:40:41 +0200

On Sat, 03 Oct 2015 16:23:28 +0200
Fabian Kirsch <address@hidden> wrote:

> Hi all,
> 
> i hope we can lift the protocol description to an abstraction-level 
> where we do not need to restrict ourselves to
> 
> * the existence of a group generator,
> * the use of RSA,
> * the use of Elliptic curves
> 
> Of course the implementation has to use these. But the
> crypto-*design* should just require
> "any asymetric encryption scheme with a public and a private key that 
> allows blind signatures and
> either DH-Keygen or ElGammal-Encryption".
> 
> In that way taler's crypto would not need reevaluation with each news
> in the crypto field.
>

I agree it'd be helpful to abstract the paper in this regard.

I've got a related question: Why is Taler using Chaum's RSA-based blind
signature protocol? I'm not an expert, but there seem to be some ECC
approaches as well; they typically reduce computation effort and
key/signature size, but require three-pass protocols and might've
undergone less cryptographic scrutiny.

Regards,
Luis Ressel



reply via email to

[Prev in Thread] Current Thread [Next in Thread]