Signing as one member of a set of keys

Ben Laurie ben at algroup.co.uk
Mon Aug 19 03:49:13 PDT 2002


Anonymous wrote:
> Steps to verify the "ring signature" file (note: you must have the openssl
> library installed):
> 
> 
> 1. Save http://www.inet-one.com/cypherpunks/dir.2002.08.05-2002.08.11/msg00221.html,
> as text, to the file ringsig.c.  Delete the paragraph of explanation, and/or any
> HTML junk, so the file starts with:
> 
> /* Implementation of ring signatures from
>  * http://theory.lcs.mit.edu/~rivest/RivestShamirTauman-HowToLeakASecret.pdf
>  * by Rivest, Shamir and Tauman
> 
> and it ends with:
> 
> lPglqmmy3p4D+psNU1rlNv6yH/L0PgcuW7taVpbopjl4HLuJdWcKHJlXish3D/jb
> eoQ856fYFZ/omGiO9x1D0BsnGFLZVWob4OIZRzO/Pc49VIhFy5NsV2zuozStId89
> [...]
>  */
> 
> 
> 2. The "[...]" above is where a remailer caused some of the signature
> to be stripped out.  Replace the last few lines of ringsig.c with the
> text from
> http://www.inet-one.com/cypherpunks/dir.2002.08.05-2002.08.11/msg00306.html.
> This has the lines from the END PGP PUBLIC KEY BLOCK line onward.
> The last lines of the ringsig.c file should be:
> 
> BjHTDH0VZeu3IxUFh37w2fIEehL8WrXvCoCMFnd1/bnn/qI/STXgg6as579/yBIJ
> nJra7Ceru4q4wUssK79T6SdOM6wcvVg96ub4UOTaPO4wYhhadCbLFpl3tPfTLceb
>  */
> 
> 
> 3. Compile ringsig.c using the openssl library, to form an executable file
> "ringsig".  Try running ringsig and you will get a usage message.
> 
> 
> 4. Get the two perl scripts from
> http://www.inet-one.com/cypherpunks/dir.2002.08.05-2002.08.11/msg00313.html
> and save them as "ringver" and "ringsign".
> 
> 
> 5. Run the ringsig.c file through the "pgp" program to create a PGP key
> ring file from the PGP PUBLIC KEY BLOCK data.  With the command line
> version of PGP 2.6.2 the command is:
> 
> pgp -ka ringsig.c sigring.pgp
> 
> This will also show you the set of keys, one of which made the signature.
> 
> *** COULD SOMEONE PLEASE FOLLOW THE STEPS ABOVE AND PUT THE ringsig.c,
> ringsign, ringver, AND sigring.pgp FILES ON A WEB PAGE SO THAT PEOPLE
> CAN DOWNLOAD THEM WITHOUT HAVING TO GO THROUGH ALL THESE STEPS? ***

Once it works, I'll happily do that, but...

> 6. Finally, the verification step: run the ringver perl script, giving the
> PGP key file created in step 5 as an argument, and giving it the ringsig.c
> file as standard input:
> 
> ./ringver sigring.pgp < ringsig.c
> 
> This should print the message "Good signature".

ben at scuzzy:~/tmp/multisign$ ./ringver pubring.pkr < testwhole
ERROR: Bad signature

(Incidentally, this was the procedure I followed in the first place, 
except I manually broke the file into parts, rather than using ringver).

I still suggest sending the relevant file as an attachment, so it 
doesn't get mangled in transit.

I wonder how many people are now convinced I didn't write this code? ;-)

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

Available for contract work.

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
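
Added example, not part of the original post or of the ringsig code: steps 1 and 2 of the quoted procedure (trim the first saved page, then splice in the tail from the second) done by script, so that body lines are copied unchanged rather than edited by hand. The function names, the assumption that the END PGP PUBLIC KEY BLOCK line and the closing */ each sit on their own line, and the sample strings are constructed here.

```python
# Added example: rebuild ringsig.c from the two saved archive pages.
# START comes from the quoted instructions; END_KEYS is the standard PGP
# armor trailer. Everything else (names, sample data) is hypothetical.
START = "/* Implementation of ring signatures from"
END_KEYS = "-----END PGP PUBLIC KEY BLOCK-----"


def _find(lines, pred, what):
    """Index of the first line matching pred, or ValueError naming the marker."""
    for i, line in enumerate(lines):
        if pred(line.rstrip("\r\n")):
            return i
    raise ValueError("marker not found: " + what)


def rebuild(first_page: str, second_page: str) -> str:
    """Return the source from START through the final closing comment line.

    Lines are copied as-is (no whitespace or line-ending normalisation):
    any altered byte in the signed text can turn a good signature bad.
    """
    a = first_page.splitlines(keepends=True)
    b = second_page.splitlines(keepends=True)
    # Step 1: drop everything before the first line of the C source.
    head = a[_find(a, lambda s: s.startswith(START), "start of source"):]
    # Step 2: keep the first page up to its END line, which is where the
    # remailer damage ("[...]") begins, and take the rest from page two.
    cut = _find(head, lambda s: s.strip() == END_KEYS, "END line, page 1")
    tail = b[_find(b, lambda s: s.strip() == END_KEYS, "END line, page 2"):]
    close = _find(tail, lambda s: s.strip() == "*/", "closing comment")
    return "".join(head[:cut] + tail[:close + 1])


# Constructed sample pages (not the real archive contents).
SAMPLE_FIRST = (
    "Explanatory paragraph from the archive page.\n"
    "/* Implementation of ring signatures from\n * constructed header\n */\n"
    "int x;\n/*\n-----BEGIN PGP PUBLIC KEY BLOCK-----\nAAAA\n"
    "-----END PGP PUBLIC KEY BLOCK-----\nBBBB\n[...]\n */\ntrailing junk\n"
)
SAMPLE_SECOND = (
    "Archive header text.\n"
    "-----END PGP PUBLIC KEY BLOCK-----\nBBBB\nCCCC\n */\nfooter junk\n"
)

if __name__ == "__main__":
    print(rebuild(SAMPLE_FIRST, SAMPLE_SECOND), end="")
```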
