Signing as one member of a set of keys
Ben Laurie
ben at algroup.co.uk
Mon Aug 19 03:49:13 PDT 2002
Anonymous wrote:
> Steps to verify the "ring signature" file (note: you must have the openssl
> library installed):
>
>
> 1. Save http://www.inet-one.com/cypherpunks/dir.2002.08.05-2002.08.11/msg00221.html,
> as text, to the file ringsig.c. Delete the paragraph of explanation, and/or any
> HTML junk, so the file starts with:
>
> /* Implementation of ring signatures from
> * http://theory.lcs.mit.edu/~rivest/RivestShamirTauman-HowToLeakASecret.pdf
> * by Rivest, Shamir and Tauman
>
> and it ends with:
>
> lPglqmmy3p4D+psNU1rlNv6yH/L0PgcuW7taVpbopjl4HLuJdWcKHJlXish3D/jb
> eoQ856fYFZ/omGiO9x1D0BsnGFLZVWob4OIZRzO/Pc49VIhFy5NsV2zuozStId89
> [...]
> */
>
>
> 2. The "[...]" above is where a remailer caused some of the signature
> to be stripped out. Replace the last few lines of ringsig.c with the
> text from
> http://www.inet-one.com/cypherpunks/dir.2002.08.05-2002.08.11/msg00306.html.
> This has the lines from the END PGP PUBLIC KEY BLOCK line onward.
> The last lines of the ringsig.c file should be:
>
> BjHTDH0VZeu3IxUFh37w2fIEehL8WrXvCoCMFnd1/bnn/qI/STXgg6as579/yBIJ
> nJra7Ceru4q4wUssK79T6SdOM6wcvVg96ub4UOTaPO4wYhhadCbLFpl3tPfTLceb
> */
>
>
> 3. Compile ringsig.c using the openssl library, to form an executable file
> "ringsig". Try running ringsig and you will get a usage message.
>
>
> 4. Get the two perl scripts from
> http://www.inet-one.com/cypherpunks/dir.2002.08.05-2002.08.11/msg00313.html
> and save them as "ringver" and "ringsign".
>
>
> 5. Run the ringsig.c file through the "pgp" program to create a PGP key
> ring file from the PGP PUBLIC KEY BLOCK data. With the command line
> version of PGP 2.6.2 the command is:
>
> pgp -ka ringsig.c sigring.pgp
>
> This will also show you the set of keys, one of which made the signature.
>
> *** COULD SOMEONE PLEASE FOLLOW THE STEPS ABOVE AND PUT THE ringsig.c,
> ringsign, ringver, AND sigring.pgp FILES ON A WEB PAGE SO THAT PEOPLE
> CAN DOWNLOAD THEM WITHOUT HAVING TO GO THROUGH ALL THESE STEPS? ***
Once it works, I'll happily do that, but...
> 6. Finally, the verification step: run the ringver perl script, giving the
> PGP key file created in step 5 as an argument, and giving it the ringsig.c
> file as standard input:
>
> ./ringver sigring.pgp < ringsig.c
>
> This should print the message "Good signature".
ben at scuzzy:~/tmp/multisign$ ./ringver pubring.pkr < testwhole
ERROR: Bad signature
(Incidentally, this was the procedure I followed in the first place,
except I manually broke the file into parts, rather than using ringver).
I still suggest sending the relevant file as an attachment, so it
doesn't get mangled in transit.
I wonder how many people are now convinced I didn't write this code? ;-)
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
Available for contract work.
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
More information about the Testlist
mailing list