Seth Schoen of the EFF proposed an interesting cryptographic primitive
called a hard to verify signature in his blog at
http://vitanuova.loyalty.org/weblog/nb.cgi/view/vitanuova/2004/09/02 .
The idea is to have a signature which is fast to make but slow to verify,
with the verification speed under
At 11:48 AM 9/8/04 -0700, Hal Finney wrote:
Seth Schoen of the EFF proposed an interesting cryptographic primitive
called a hard to verify signature in his blog at
http://vitanuova.loyalty.org/weblog/nb.cgi/view/vitanuova/2004/09/02 .
The idea is to have a signature which is fast to make but slow
Hi
I proposed a related algorithm based on time-lock puzzles as a step
towards non-parallelizable, fixed-minting-cost stamps in section 6.1
of [1], also Dingledine et al observe the same in [2].
The non-parallelizable minting function is in fact the reverse: sender
encrypts (expensively) and the
From: \Hal Finney\ [EMAIL PROTECTED]
Sent: Sep 8, 2004 2:48 PM
To: [EMAIL PROTECTED]
Subject: Seth Schoen's Hard to Verify Signatures
The method Seth describes is to include a random value in the signature
but not to include it in the message. He shows a sample signature
with 3 decimal digits
On Wed, Sep 08, 2004 at 12:44:39PM -0700, Major Variola (ret) wrote:
[...]
In an RSA cryptosystem the public exponent is typically low, often
3 or 65537 (for efficiency reasons only a few bits are set; the other
constraint is that your message, raised to that power, wraps in your
modulus,
