MATH: Brands cash, Hal's posts
Hal
hfinney at shell.portal.com
Fri Aug 26 22:07:54 PDT 1994
Karl Barrus <klbarrus at owlnet.rice.edu> writes a very nice set
of examples of some of the discrete-log protocols using actual numbers.
I did leave one thing out:
>* Schnorr identification protocol
>[...]
>> 3. Paul calculates r = cx+w and sends that to Vicki.
>Paul calculates r = 561 * 555 + 200 = 311555.
This works, but it will be more efficient to take r mod the order of g,
which would be n-1 in this case. The same thing applies to all of the
other places where we multiply and add exponents.
>> 4. Vicki confirms that g^r = (GX^c)*GW. Both should be g^(cx+w).
This should still be true with r = cx+w mod (n-1).
I departed from the nice step-by-step description for the actual cash
protocols because they are so complicated and I wanted to explain it as
I went. If Karl gets far enough to try doing that it would probably be
worthwhile to rewrite that portion first.
Hal
More information about the cypherpunks-legacy
mailing list