Crypto Idea; Multi-Part Sigs
Eric Hughes
hughes at ah.com
Tue Oct 5 13:19:09 PDT 1993
>You can't have it that each of three individuals can decrypt messages
>sent to a key, while they all have to cooperate to sign messages.
You can, but the key can't be a regular RSA key.
>Generally speaking, decryption and signing are identical in the RSA
>cryptosystem.
That's right, don't use RSA as such.
Choose two RSA keys. Make one as Hal describes for signing. Use the
other one for receiving. The public key in this system is a pair of
public RSA keys. You break symmetry, and lose automatic PGP support,
but it seems to have the characteristics required.
Eric
More information about the cypherpunks-legacy
mailing list