Re: voting by m of n digital signature?

2008-11-14 Thread Florian Weimer
* James A. Donald:

 Is there a way of constructing a digital signature so
 that the signature proves that at least m possessors of
 secret keys corresponding to n public keys signed, for n
 a dozen or less, without revealing how many more than m,
 or which ones signed?

What about this?

  Christian Cachin, Asad Samar
  Secure Distributed DNS
  http://www.zurich.ibm.com/security/dti/#dnsrepl

Or do you require that potential signers must not be able to prove
that they signed?

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: voting by m of n digital signature?

2008-11-10 Thread dan

James A. Donald writes:
-+---
 | Is there a way of constructing a digital signature so
 | that the signature proves that at least m possessors of
 | secret keys corresponding to n public keys signed, for n
 | a dozen or less, without revealing how many more than m,
 | or which ones signed?
 | 

quorum threshhold crypto; if Avishai Wool or Moti Yung
or Yvo Desmedt or Yair Frankel or...  are here on this
list, they should answer

a *tiny* contribution on my part

  http://geer.tinho.net/geer.yung.pdf

humbly,

--dan

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: voting by m of n digital signature?

2008-11-09 Thread Richard Salz
 Is there a way of constructing a digital signature so
 that the signature proves that at least m possessors of
 secret keys corresponding to n public keys signed, for n
 a dozen or less, without revealing how many more than m,
 or which ones signed?

Yes there are a number of ways.  Usually they involve splitting the 
private key so that when a quorum of fragment signatures are done, they 
can be combined and the result verified by the public key.   Look for 
multi-step signing or threshold signatures, for example.

Disclaimer: I worked at CertCo who had the best technology in this area. 
It was created for SET.
/r$


--
STSM, DataPower Chief Programmer
WebSphere DataPower SOA Appliances
http://www.ibm.com/software/integration/datapower/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]