[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Taler] Blind signature decision
|
From: |
Christian Grothoff |
|
Subject: |
Re: [Taler] Blind signature decision |
|
Date: |
Fri, 27 Nov 2015 16:50:34 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Icedove/38.3.0 |
Hi Raphael,
There is no single overriding reason, as there were several blind
signature schemes we considered. Basically, they shared a combination of
* dramatic increases in complexity
* known vulnerabilities
* lack of performance improvements over RSA (i.e. do 10x this ECC
signature and you get 99% security)
Ultimately, at the end of about a dozen e-mails on the subject, Tanja
Lange told us that RSA blind signatures should be just fine for our
purpose, so we heeded her advice.
-Christian
On 11/27/2015 03:06 PM, Raphael Arias wrote:
> Hi list,
>
> I know there was some discussion in the beginning on whether to use an
> ECC blind signature scheme and a few of them were ruled out because of
> vulnerabilities in the protocols or other reasons. Which is why Taler
> stayed with RSA blind sigs.
>
> I was wondering if there exists documentation about the specific flaws
> and reasons that led to this decision somewhere out there.
>
> Thanks in advance,
> Raphael
>
signature.asc
Description: OpenPGP digital signature